Gartner Releases Data on Hot Enterprise Topics

Gartner's 27th annual datacenter conference is producing research related to energy consumption, virtualization, cloud computing. Here are some of the most interesting numbers revealed at the conference.

Forty-two percent of IT professionals polled at the Gartner conference operate three or more datacenters in North America.

Forty-five percent are expanding or planning to expand datacenters in the next two years, while 43 percent are consolidating.

A standard 9,000 square foot, Tier 3 datacenter that supports 150 watts per square foot will cost approximately US$21.3 million (about Rs 105 crore) to build, with $1 million (about Rs 5 crore) in annual electrical costs.

Green IT practices that minimize use of chiller plants, fans and pumps, lighting and power supplies can more than halve the power costs of running a datacenter.

An aggressively "green" enterprise will pay $560,000 (about Rs 2.8 crore) in annual electrical expenses for a datacenter with a 500 kilowatt IT load. Enterprises with archaic datacenter practices will pay as much as $1.3 million (about Rs 650 lakh).

In a conventional datacenter, 35 percent to 50 percent of electrical energy is devoted to cooling. With best practices, that proportion is reduced to 15 percent.

Twenty-six percent of conference attendees buy green products only when they lower costs, save space or defer datacenter construction.

Thirty-four percent will buy green products even if they increase costs.

Storage spending is growing almost three times faster than the IT budget as a whole. From 2007 to 2011, storage spending will increase more than 7 percent a year, compared with annual IT budget growth of only 2.5 percent.
By 2012, users will install 6.5 times the amount of terabytes they installed in 2008.

Server virtualization, one of the key technologies driving costs down in datacenters, is suitable for about 70 percent of workloads.

Today, only 12 percent of x86 server workloads are running in virtual machines.
By 2013, that number will be 61 percent.

One out of every four x86 workloads deployed or redeployed in 2008 is being installed in a virtual machine. Still, vendor licensing, pricing and support plans are limiting virtualization efforts, according to 21 percent of conference attendees.

About 70 percent of virtual machines today are used in production. Just a few years ago, most were used only in test and development roles.

The server virtualization market will grow 30 percent a year through 2013, reaching $6.8 billion (about Rs 34,000 crore).

Desktop virtualization will also take off, with the number of virtualized PCs growing from less than 5 million in 2007 to 660 million by 2011.

Only two major server operating systems will experience significant growth through 2010 -- Windows and Linux. But lightweight operating systems will take off with double-digit growth, including JeOS, a variant of Ubuntu configured specifically for virtual appliances.

Thirty-eight percent of conference attendees are using some type of external cloud computing service.
By 2012 at least 14 percent of the infrastructure at Fortune 1000 companies will be service-oriented, scalable and elastic -- operated as if it they were "private clouds" for each company's users.

Source : Network World

Jon Brodkin

CIO India - Gartner Releases Data on Hot Enterprise Topics

December 04, 2008 | Comments: (1) | TrackBacks: (0)

Server virtualization: Gartner's view through 2011

Gartner predicts some game-changing numbers for server virtualization as the mass market adopts the technology into production environments

TAGS: Server Virtualization

This week in Las Vegas, Gartner's VP Distinguished Analyst Thomas Bittman delivered the keynote address at the 27th annual Gartner Data Center Conference. And as expected, one of the hot topics of discussion was server virtualization.

Bittman stated that only two or three years ago, server virtualization was mostly being used for test and development purposes. But now, the technology is being accepted into production environments to the tune of about 70 percent of all datacenters using virtual machines in some sort of production role.

[ To learn more about server virtualization, check out this InfoClipz video. ]

Bittman also announced three remarkable predictions about the virtualization industry:

• By 2012, at least 14 percent of the infrastructure and operations architecture of Fortune 1000 companies will be managed and delivered much like a cloud-computing provider, internally. These "private clouds" are essentially flexible computing networks designed to be like the solutions being offered by public providers such as Google and Amazon.
• Between 2007 and 2011, Bittman expects that the installed base of virtual machines will grow more than tenfold.
• And by 2012, he believes that the majority of x86 server workloads will be running within a virtual machine.

When talking about this hot virtualization technology, Bittman adds, "our key advice is to look beyond simple consolidation and cost savings. Virtualization can be the catalyst to drive many fundamental important changes in architectures, processes, and cultures. Even if short-term attention needs to be given to cost-savings, make sure you build a foundation that can be leveraged in a few years. Virtualization 'unlocks' cloud computing potential internally and externally."

Posted by David Marshall on December 4, 2008 07:15 AM

Server virtualization: Gartner's view through 2011 |Virtualization Report | David Marshall | InfoWorld

How to migrate Microsoft ISA Server 2006 to Microsoft Forefront TMG

ISA Server 2006: Migrating to Forefront Threat Management Gateway.

• Published: Nov 25, 2008
• Updated: Nov 25, 2008
• Section: Tutorials :: Configuration - General
• Author: Marc Grote

Introduction

Microsoft Forefront TMG (Threat Management Gateway) is the upcoming successor of ISA Server 2006 and will be available in 2009. This article is based on a beta version of Microsoft Forefront TMG. If you want to evaluate Forefront TMG, a public beta is available at the following website: Forefront TMG. If you want to have a look at a special version of Microsoft Forefront TMG which is already RTM, you should evaluate Microsoft Windows Essential Business Server 2008 which contains Forefront Threat Management Gateway, Medium Business Edition. But keep in mind that this is not the same version of TMG which Microsoft will publish in 2009 as a standalone product.

See the full article at the source.

Source: How to migrate Microsoft ISA Server 2006 to Microsoft Forefront TMG

Thomas Shinder Blog RSS

All Blogs  »  Thomas Shinder Blog  »  News ISA Central  »  Blog article: Jim Harrison LIVE (sort of) - Virtualize Your ISA or Forefront TMG Servers

Jim Harrison LIVE (sort of) - Virtualize Your ISA or Forefront TMG Servers

From the site:

“In the past, ISA has had very limited or no support on Microsoft’s virtualization platform.  Now, ISA and Forefront Threat Management Gateway (TMG) is supported .  I met up with Jim Harrison to get some guidance on what you need to think about when you virtualize your ISA/TMG servers.  We quickly dive into a whiteboard session on the various ways you can configure Hyper-V / virtual server to work with ISA/TMG and dig into the advantages and disadvantages of each network configuration such as:

• Performance
• Management
• Administration
• Security

Some other things we talk about:

• Why placing TMG on the parent is a bad idea and how you should configure the parent partition
• Configuration options of the actual ISA/TMG server
• Failover, Clustering, and Quick Migration with ISA / TMG in a virtual environment
• Configuration changes you should make for any host which faces the Internet

View the security considerations for virtualized ISA / TMG deployments guide / whitepaper Jim wrote.

See KB article 957006 which states ISA (and other) products are officially supported on Hyper-V.”

=====================================

Head on over to http://edge.technet.com/Media/Virtualize-your-ISA-...rvers/ to watch and listen to Jim Harrison’s great presentation on deploying an ISA or TMG firewall in a virtualized environment. You’ll be glad you did!

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING documentation | integration | virtualization
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

This entry was posted on Sunday, October 12th, 2008 at 9:54 am and is filed under News, ISA Central. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Thomas Shinder Blog » Blog Archive » Jim Harrison LIVE (sort of) - Virtualize Your ISA or Forefront TMG Servers

Virtual vs. Physical Appliances: 4 Compelling Reasons for Change

by Ronan Kavanagh, CEO, SpamTitan

Be the first to comment | I like it!
Tags: anti-spam, email, security, spam, virtual appliances, VMware

October 10, 2008, 12:26 PM —  SpamTitan — 

Virtual v’s Physical Appliances – 4 compelling reasons for change

Executive Summary

Virtual Appliances have appeared on the horizon as an unstoppable force. Where traditional appliances supplanted the office and data centre server, the virtual appliance has taken this to a new level and in turn rendered the incumbent effectively obsolete. Where appliances addressed critical needs not addressed by office servers, they also introduced further complexities and difficulties which are easily resolved by virtual servers. This white paper takes a look at the advantages of virtual appliances in comparison with physical appliances and addresses some of the key benefits. Benefits which include ease of evaluation and testing, ease of deployment, streamlined redundancy and backup, and the key benefits of scalability and mobility....

The Need for Scaleable Architecture

Most organizations today spread their applications across servers based on functional
boundaries. Both large and small companies use email servers, file servers, web servers
and so on. Over time, the trend has been to dedicate a specific server for each function.
This allows for a scaleable, highly flexible architecture. As the organization grows, greater demands are placed on the infrastructure. Not just from an increase in the number of users, but also in terms of the geographic footprint. Branch offices will require their own servers for certain applications. Fault tolerance also plays a part, driving larger installations towards multiple, duplicated servers in preference over a single monolithic system.

As servers don’t generally require user interaction, the trend has been to use vendor supplied appliances for certain types of applications. An appliance allows for a relatively small footprint and also provides more of a plug and play infrastructure over the traditional server application experience. As load increases, new appliances can be brought on-stream and the load distributed evenly. The system administrator can maintain a surplus of similar appliances and install these in the event of failure or increased load. Dividing the application base into component parts and spreading these components across multiple appliances is a tried and tested method of delivering a scaleable architecture.

However, industry research by VMware shows that the system usage per appliance can be as low as 15% of the available processing power.† Effectively, the server budget is over six hundred percent higher than necessary. Maintaining a pool of idle servers on standby in case of increased load or for failure recovery, can adversely affect the efficiency even further. Amalgamating applications on each server can go a long way toward resolving the usage issues but at a cost. Running different applications on the same server loses the scalability of the appliance solution and can create security issues.

In addition, maintaining a homogenous environment of appliances is extremely difficult if not impossible. Complicating this is the need to upgrade different applications at different times. A new appliance can have a different platform configuration which will make it difficult to migrate users from an older appliance to a new one.

Virtual Appliances

A virtual appliance is one which subdivides the physical hardware into multiple virtual machines. Each virtual machine provides a ...  See more at the source

Source - Virtual vs. Physical Appliances: 4 Compelling Reasons for Change | ITworld

Announcing: Forefront Threat Management Gateway, Medium Business Edition

I am pleased to announce that the first version of the new Forefront Threat Management Gateway (TMG) has been released to manufacturing as part of the Windows Essential Business Server 2008 (EBS) release. As I first blogged in April of this year, Forefront TMG is a new era for the ISA Server product line. It is taking us and our customers into new and innovative protection directions based on the ever-increasing threats we are seeing on the Internet today.

Forefront TMG, Medium Business Edition is fully integrated in Windows Essential Business Server and installed by default. One of the unique capabilities of this edition is the simplified setup and configuration – without taking away the ability for customers or value added service providers to provide the customization or control they may require for their specific environments. We took a specific approach in this release by asking the administrator what he/she wants to achieve, not how to do it. The end result is a server pre-configured with best practices for the most common security and access needs including Internet access, remote access and common firewall rules.

Not only does Forefront TMG include a fully featured and highly rated corporate firewall capability, but it adds a Unified Threat Management (UTM) capability to the EBS installation. It truly provides a comprehensive, all-in-one integrated edge security solution, for both the headquarters and the branch offices. The real value comes through the tight integration of the different UTM components, as well as with the other applications and solutions encompassing EBS. The integrated anti-virus subscription services provide administrative relief to IT professionals from having to constantly monitor the security threats and changing edge policies. The “Am I Secure?” page provides an easy, at a glance view of the security state and statistics of the system avoiding the need for complex understanding and expertise to provide protection for the business.

As our software, hardware and appliance partners announce exciting value–add offerings, I will keep the community informed. In addition, I will be announcing future details around the public beta for the next edition of TMG later this year on this blog. I think you will be excited and surprised and certainly well worth the wait when we announce. Stay tuned to this channel for continual updates!

David B. Cross

Product Unit Manager

Published Tuesday, September 16, 2008 1:13 PM by isablog

Forefront TMG (ISA Server) Product Team Blog : Announcing: Forefront Threat Management Gateway, Medium Business Edition

ISA 2006 SP1 and IAG 2007 Supportability Statement

Introduction

Occasionally you find the combination of two things that result in something better than the sum of the individual parts. Some combinations that come to mind are peanut butter and chocolate, steak and lobster, and ISA Server 2006 and IAG 2007. You can’t eat ISA and IAG but combined in the IAG 2007 product they create an awesome SSLVPN with rich features. Just like a good soup, IAG 2007 benefits from high quality ingredients. For more information on this “better together” approach review the articles below:

http://www.microsoft.com/forefront/edgesecurity/iag/en/us/secure-remote-access.aspx

http://www.microsoft.com/Forefront/edgesecurity/iag/en/us/faq.aspx

Real World Experience

Recently, I began seeing questions about the addition of ISA 2006 SP1 on customers IAG 2007 systems. After some research it turned out that Windows update was detecting the lack of ISA 2006 SP1 and prompting administrators to install the service pack on their IAG 2007 servers. If you are familiar with IAG 2007 predecessor eGap 3.6 you will remember that the internal server was protected by a SCSI interface that shuttled between the external and internal servers. In IAG 2007 the external server and SCSI interconnect have been removed and replaced by ISA 2006. In this configuration ISA 2006 protects the external interface of IAG 2007 amongst other things.

Since SP1 for ISA 2006 includes feature updates as well as security updates, just like any other windows application it is essential to make sure there is no security vulnerability that might affect the ISA application. Hence it is important to make sure the ISA server is also updated from time to time.

When you first initialize the IAG 2007 system you will notice that ISA server 2006 is installed as well. As applications are added to the portal trunk, rules are created in ISA 2006 to allow the specific traffic types that IAG 2007 will publish. If IAG 2007 is configured for automatic updates or you visit the Windows update site, SP1 for ISA 2006 will be queued for installation if it is not already installed. You can review the benefits of SP1 for ISA 2006 by following this link: http://blogs.technet.com/isablog/archive/2008/05/23/isa-server-2006-service-pack-1-features.aspx

As you can see from reading the list we fixed a few things in ISA 2006 with SP1. In addition, patch management is part of the Desktop, Device, and Server security process best practices that IT professionals should be following. Recently, while testing IAG 2007 SP2 our product group tested with ISA 2006 SP1 installed and found no issues related to this service pack. So go ahead and add ISA 2006 SP1 to your IAG 2007 system. I bet you will find it’s a great combination and is a high quality ingredient in your security soup.

Author
Dan Watson
Security Support Engineer –IAG Team
Microsoft – NC

Technical Reviewers
Yuri Diogenes
Security Support Engineer – ISA/IAG Team
Microsoft – Texas

Mohit Saxena
Security Technical Lead – ISA/IAG Team
Microsoft – Washington

Published Thursday, September 18, 2008 8:02 PM by edgeaccessblog
Filed under: Intelligent Application Gateway, ISA Server 2006 SP1

Intelligent Application Gateway Product Team Blog : ISA 2006 SP1 and IAG 2007 Supportability Statement

Independent research firm recognizes Microsoft NAP as a leader in Network Access Control

Published 18 September 08 12:45 AM | Forefront Blogger

Microsoft’s Network Access Protection (NAP) solution was cited as a leader (the top category) in a recent independent report, “The Forrester Wave: Network Access Control, Q3 2008.”  Microsoft was one of the many network access control (NAC) vendors invited to participate in the report.

Forrester placed a lot of emphasis on different access control scenarios for the evaluation and the different vendors were evaluated around twelve different scenarios as well as strengths across technology, strategy and market presence.

“Microsoft has the strongest NAC product for managed endpoints,” the report stated. The report goes on to state that even though its official product has only been shipping since the inception of Windows Server 2008, Microsoft has already established itself as a critical thought leader and contributor to the standardizations of NAC. “Microsoft has the overall highest score among the 12 scenarios we evaluated,” the report added.

Microsoft Network Access Protection ships with Windows Server 2008 and Windows Vista and XP SP3, and has a framework that provides interoperability with over 100 different vendors. The NAP statement of health (SOH) has also been adopted as a standard by the Trusted Computing Group’s Trusted Network Connect (TNC).

More information about Microsoft NAP can be found here http://www.microsoft.com/nap

Forefront Team Blog : Independent research firm recognizes Microsoft NAP as a leader in Network Access Control

Publishing Exchange 2007 Services with ISA Server 2006 - Creating the Publishing Rule for Outlook Anywhere with Transparent Windows Authentication

One of the most popular questions we get regarding the ISA firewall and Exchange Server is how to get transparent authentication for the Outlook client. Most users prefer to store their passwords and don’t want to enter their passwords each time they open Outlook. The problem is that if you use basic authentication at the client and at the ISA firewall’s Web Listener, you will always need to enter credentials when Outlook starts up.

Thomas Shinder Blog » Blog Archive » Publishing Exchange 2007 Services with ISA Server 2006 - Creating the Publishing Rule for Outlook Anywhere with Transparent Windows Authentication

Tales from the Edge is Online

Today we are launching in the Forefront Edge Community page a new session called: Tales from the Edge. Jim Harrison and I will host articles about Forefront Edge Suite bringing real world scenarios and documenting things that were not documented yet. In this new wave we are going to release four brand new articles with very precious information about Edge products. Visit the new Forefront Community Page at:

http://technet.microsoft.com/en-us/forefront/edgesecurity/bb687298.aspx

Filed under: ISA Administration

Yuri Diogenes's Blog : Tales from the Edge is Online

Wednesday, August 06, 2008 5:58 AM yuridio

Intermittent Performance Problem while Accessing Internet through ISA Server 2006

1. Introduction

One of the most challenges for the ISA Admin is to determine the culprit for an intermittent issue. This gets worse when the issue is related with performance. While there are many elements that can impact ISA Server’s performance, this post will describe an interesting case where the client was having problems to browse Internet through ISA Server. The web sites were coming up really slow and regardless of the browser (IE6 or IE7) the issue was happening.

Read more at the source.

Source: Yuri Diogenes's Blog : Intermittent Performance Problem while Accessing Internet through ISA Server 2006

Wednesday, July 30, 2008 3:06 PM yuridio

Do you really know what is and what is not supported on ISA Server?

Last two months for some reason were pretty busy of calls for ISA Server issues where customers were running on a non supported scenario. Interesting enough, the articles for non supported configurations are out there since ISA Server 2004. Maybe it is time to refresh your favorites and to start add those articles to it. Here you will find supportability boundaries, limitations and unsupported scenarios:

Article: Troubleshooting Unsupported Configurations

Description: In the above article you will find nice explanations about some behaviors, including the reason why ISA Server does not support multiple default gateways.

Article: Best Practices for Performance in ISA Server 2006

Description: this article will explain the options to deploy ISA Server 2006 in a virtual environment.

Article: Configuring ISA Server 2004 on a Computer with a Single Network Adapter

Description: this article is also valid for ISA Server 2006 and it has the limitations and unsupported scenarios for ISA Server when running in a single NIC system.

Besides the official ISA Server TechNet Library articles, we (ISA Server Team members) are documenting in the ISA Team Blog behaviors that are expected. Here are the articles that were published so far:

Understanding By-Design Behavior of ISA Server 2006: Buffering and Streaming Web Publishing Rule Content

Understanding By-Design Behavior of ISA Server 2006: Using Kerberos Authentication for Web Proxy Requests on ISA Server 2006 with NLB

Files larger than 512MB are not served from cache after ISA Server firewall service is restarted

The tip for the IT professionals that are implementing ISA Server 2006 is to review those articles before start any deployment. I know how frustrate it is to build the whole infra-structure and when call to CSS to open a ticket get the bad news that the environment is not supported. Although this can be a frustrated experience, you should feel glad that this product has very known and public supportability boundaries. This helps you to understand what can and what cannot be done before start deploying your ISA Server.

Filed under: ISA Administration

Yuri Diogenes's Blog : Do you really know what is and what is not supported on ISA Server?