Cloud or OnPremise Infrastructure? Stop being Manipulated!

The Question:

All too often, I’m asked: should I go cloud, should I stay on-premise, should I go public or private cloud? This is not a new question in today’s technology decision-making process; it’s just that more people in an organization are becoming aware of the cloud as it invades our personal lives and provides some fresh products, services, features and convenience to our private lives. For example, I have iCloud, which is Apple’s Cloud Services. I take a photo with my iPhone, and within 10 seconds, that photo is on my iPad, MacBook Pro, MacBook Air, iMac, and even my PC. It’s also available on any device with a web browser and Internet access. If I create a document and place it on my desktop on my MacBook Pro, it’s automatically available on my other desktops within seconds. My perception of the cloud is changing subconsciously because of how this technology is assisting me behind the scenes, making decisions that make my life more convenient. Microsoft and Amazon are the big players among thousands out there that offer cloud services. You can spin up a Windows, or even Unix, machine by clicking a few buttons, and then the software goes to work accomplishing the task for you. This automation makes cloud-based services look cool.

What is Cloud?

Let’s start off by breaking down what lies under the hood of this word Cloud. Cloud is a buzzword, a subliminal message, a very successful marketing ploy that the world fell in love with. The illusion and magic that has been created with this word draws people into the idea, or subconscious belief, that their data is floating above their heads safe, secure, and available anytime. Well, let me tell you something that may diminish your excitement or fantasy about the cloud. The Cloud is a building or buildings with rows of racks, full of servers, serving up applications, storing files, providing email, and syncing your contacts, folders, and files. The Cloud has been around for a very very very long time. The marketing people just repackaged the product they are selling and gave it a cool name. The world over time adopted it. The cloud is not without its flaws, risks, and even rewards. But the idea that it’s something new or a game changer? It’s not. Cloud Providers buy servers from the same places you can buy servers, put them in data centers, and provide you a service over those computers.

Why Use Cloud?

The next question I am asked: “should I use the cloud or should I have servers onsite?” Well, that’s a loaded question that requires some thought, discussions, review of risks vs. reward, cost, etc. There are also two cloud offerings out there that need a review when looking at Cloud Solutions. Most people are unaware of this. They are Public Cloud and Private Cloud.

 

Public Cloud:

Public cloud in its simplest terms is sharing space on a server that several others use at the same time. Think of it as a rental car that you pay to use for a particular amount of time; when you are done, you drop it off, and someone else uses that car for a specific amount of time, then drops it off. So the Public Cloud is NOT dedicated to you, and all consumers share the resources on that cloud. There could be hundreds of other companies using that machine, and each has to share the resources.

Private Cloud:

Private cloud in its simplest terms is a dedicated server or servers in a rack at a data center/colocation facility that is set up, configured, and dedicated to your organization. These servers are yours, and you can use them in almost any way you like. This is like leasing a car for a term, and at the conclusion of the lease, you turn the car in and walk away after removing your personal items from the car. The advantage here is, this car is yours, and no one else can schedule to rent it out. You are in control of the server and how its resources are allocated. Furthermore, your data, applications and Intellectual Property are not sitting on a server shared by several others.

 

NOTE: FBI/Police subpoenas could take your infrastructure offline in a shared environment, or open you up to being part of an investigation or lawsuit that you did not sign up for, simply by sharing the virtual real estate. It’s no different from being subject to search when you’re in a vehicle and the police find probable cause to search that vehicle: you become an unfortunate victim of circumstance.


On Premise:

On Premise in its simplest terms is a server or servers located onsite at your place of business, where you install the operating system, applications, etc. Some people build what I call OnPremise Private Cloud. They take the servers and add a hypervisor to the server, allowing them to run several Virtual Machines on a single piece of equipment. There are several hypervisors out there. A couple of popular ones are VMware ESX and Microsoft Hyper-V. An OnPremise solution doesn’t always mean the servers are onsite at your facility. You can also purchase or lease servers; they arrive, you then rent rack space from a DataCenter/Colocation facility, and install these machines yourselves. Sometimes they can be located in a facility serving up Private and Public Cloud solutions.

Hybrid:

What I’m generally not asked, but I offer up as an option is looking at a Hybrid Solution where you use a combination of Cloud and OnPremise options based on what’s best for the business.

 

Recap:

So what we have learned so far is that Cloud is merely a buzzword for servers in a datacenter that some intelligent marketing people conjured up, repackaged, and sold to the world. There are a few different types of cloud options. A private cloud is where you are leasing the servers; they are dedicated to you, and you maintain some control over them. A public cloud is a server that is sharing its resources with several subscribers at the same time, and you have no control over how the allocation takes place.

Pro’s vs. Con’s:

As with each solution, there are Pro’s and Con’s that need to be considered as we move through the checklist to determine the best option. Here are just a few of the Pro’s and Con’s that were on the top of my mind while writing this article. This is not a complete list and should only be used as a guide to building a list. Let’s start out with the Pro’s of a Public Cloud Solution.

Pro’s of a Public Cloud Solution:

  1. Easy signup
  2. Quickly order the resources needed and spin them up fast
  3. Inexpensive initially
  4. No commitment; can turn on and off anytime (most of the time)
  5. Adequate support for the basics
  6. Basic level of backup typically included
  7. No need to manage and maintain physical hardware
  8. No colocation or data center type responsibilities or expenses

Con’s of a Public Cloud Solution:

  1. Shared resources can become unreliable, slow, inaccessible
  2. You are not in control
  3. Someone else maintains and has access to your data
  4. Costly support beyond the basic support needs
  5. Backup limited.  Restores for other users could impact your data unexpectedly.
  6. Risk of potential search and seizure
  7. The danger of being hacked or attacked simply by being a neighbor of another client that shares the same resource you are on.

Pro’s of a Private Cloud Solution:

  1. Hardware dedicated to you
  2. Resources can be added relatively quickly, in some instances within 24hrs
  3. You’re not sharing the space with others, so security and privacy and intrusion protections are in your favor.
  4. Backup data on your terms your way and restore on your terms your way
  5. Participate in hardware choice, configuration, deployment procedures
  6. Lease or Own the hardware
  7. Gain console access to the physical hardware
  8. Move physical hardware from one cloud provider to another or even bring on-premise
  9. Control the length you use, retire, replace the hardware.

Con’s of a Private Cloud Solution:

  1. You are now in the business of owning or leasing hardware
  2. Hardware can fail, and you may be responsible
  3. The need for extended support contracts with hardware vendors such as 4x24x7 (4-hour response, 24 hours a day, seven days a week), which cost up front but save your bacon in a hardware failure scenario.
  4. The need to have multiple physical machines and use high availability or fault tolerance technologies to minimize or eliminate your downtime.
  5. Backup is now your responsibility.  Procuring, managing, and maintaining a backup strategy is part of having a private cloud. (Some providers that offer private cloud solutions will do this for you for a fee.)
  6. The need to go onsite depending on the need for physical console connection or lack of an IP-based KVM that allows for remote management of console.

 

These are just some of the things to think about. Obviously, each scenario has its pro’s and con’s, and not every disaster situation is going to happen; each is just a possible scenario. We haven’t even dived into the pro’s and con’s of having an on-premise solution. There is merit for this type of situation; however, given the availability of high-speed Internet pipes, I usually recommend people look at renting colo and moving those physical machines into a data center. Data centers are often referred to as physical cloud facilities or just plain old cloud. If you think about it, the word cloud, as I mentioned previously, is merely a marketing buzzword. Calling a data center or colocation facility a cloud facility makes complete sense.

Many data centers offer colocation space and also have an à la carte menu of options for other services that you can select from to maximize your investment in IT Infrastructure. It’s good to talk to them and see what they can offer. I will say, many of them want you to sign up for their Public or Leased Private Cloud solutions. This is where they make the most margins for their services. If you’re looking at owning your infrastructure and leasing a rack from the facility, just let them know that’s your intention. If they are respectful and care about what’s best for you and your decision process, they will focus on your vision and not their bottom line.

I feel like I have only glossed over this topic. I believe an entire mini book could be written about this topic and even then there is much to be considered.  If you have questions, need guidance, or recommendations, don’t hesitate to post a comment or even reach out to me directly.

I wish you the best in your endeavor and future success.

Regards,
-Will

Microsoft adding co-authoring to the office lineup starting with excel

Yesterday Microsoft announced co-authoring is coming to Word, Excel, and PowerPoint. Microsoft is starting with Excel on the Windows platform for users set up on Office Insiders Fast. The co-authoring feature allows you to see who else is working on the spreadsheet you are working on in real time and see the changes seconds after they made them.

Microsoft enthusiasts should be excited to see this coming to the Office suite. Google pioneered this functionality with Google Apps, and it has been a feature that pulls users over to the Google platform. I have used the Google platform with other users that have invited me to collaborate with them on docs they have developed on Google. I have been a loyal Microsoft Office user. This is an exciting move for the loyal Microsoft Office suite user. I use both Mac and PC, with Mac being my primary interface in Office. I’m hoping the availability of this on the Mac platform will not be far behind the Windows platform.

 

Apple says no to advertising price in app title

Apple is cleaning up the App Stores.  Developers can no longer call out the price in the title of apps published.  For the last thirty days, Apple has been blocking submissions to both the App and Mac store when the metadata includes pricing information according to VentureBeat.

This change, I feel, is a step in the right direction. Developers who publish apps for free may feel pain from this change. However, I almost always personally skip over the apps with free in the title, assuming the app is crippled or limited in some way.

This is not a new policy; Apple has been actively discouraging developers from this practice and only recently started enforcing it. If a developer has an app that has the word free in it, they will get an error message as shown below.

The error message displayed:

Your app’s name, icons, screenshots, or previews to be displayed on the App Store include references to your app’s price, which is not considered a part of these metadata items.

Please remove any references to your app’s price from your app’s name, including any references to your app being free or discounted. If you would like to advertise changes to your app’s price, it would be appropriate to include this information in the app description. Changes to your app’s price can be made in the Pricing and Availability section of iTunes Connect.

Apple has always been about quality.  Apple has been cleaning up house or “App Store” by removing apps that users have been complaining about, the publisher has abandoned, etc.   I wish Apple would allow a trial option where users could download a fully functional app or a trial version that is limited giving a user the ability to try before they buy option.   I believe one of the biggest downfalls with the app store now is purchasing an app only to find out it’s not what you expected and you are now stuck with a useless app.

A simple command gives CIA/FBI/NSA full access to your Cisco Equipment

Cisco Systems recently announced that over 300 models of switches manufactured by Cisco contain a vulnerability that allows hackers to use a relatively simple command to gain complete and full control of the affected unit.

Cisco found this vulnerability recently by analyzing several documents believed to have been stolen from the US Government, which is itself another scary thought about how safe and secure our government has been with protecting our national secrets. Cisco notified the world of this vulnerability on March 17, 2017, on the Cisco Security Board.

How does this work? Well, the attacker can obtain the access by sending a malformed CMP command through the telnet protocol during the connection process; the affected device will essentially give the user privilege level 15 access to the unit.

Cisco said there are no workarounds to address this bug. Cisco further indicated this only works when the unit is set up to accept incoming telnet connections. So in my mind, I would immediately disable the telnet protocol altogether, and that essentially fixes the issue.

You can disable telnet on your Cisco Device by logging in and typing the following commands in privileged mode.  If you want to leave “SSH” access on, then leverage option one. If you want to turn off all remote access completely, then follow option two.

Option one (telnet only disabled)

  • configure terminal
  • line vty 0 15
  • transport input ssh

Option two (all remote access disabled)

  • configure terminal
  • line vty 0 15
  • transport input none

I would also suggest that you consider changing your crypto key if you feel that you have been exploited, and verify that the user accounts on the device are legitimate.

You can read the security announcement from Cisco here.
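
An added example (not part of the original post and not Cisco's code): a short Python check that reads a saved running-config and reports which vty line ranges still accept telnet, which catches the common case where "line vty 0 4" was hardened but "line vty 5 15" was not. The sample config is constructed and the function names are hypothetical; a range with no "transport input" line is marked for manual review, on the assumption that the default differs between platforms and software releases.

```python
import re

# Constructed running-config excerpt for illustration (not from a real device).
SAMPLE_CONFIG = """\
hostname lab-sw1
!
line con 0
 logging synchronous
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login local
 transport input telnet ssh
!
end
"""

VTY_RE = re.compile(r"^line vty (\d+)(?: (\d+))?\s*$")
TRANSPORT_RE = re.compile(r"^\s+transport input (.+?)\s*$")


def parse_vty_blocks(config_text):
    """Collect each 'line vty' block with its transport list (None if unset)."""
    blocks, current = [], None
    for raw in config_text.splitlines():
        header = VTY_RE.match(raw)
        if header:
            first = int(header.group(1))
            last = int(header.group(2)) if header.group(2) else first
            current = {"first": first, "last": last, "transports": None}
            blocks.append(current)
        elif not raw.startswith(" "):
            # Any other non-indented line ("!", "line con 0", ...) ends the block.
            current = None
        elif current is not None:
            transport = TRANSPORT_RE.match(raw)
            if transport:
                current["transports"] = transport.group(1).lower().split()
    return blocks


def classify(block):
    """TELNET: telnet accepted. REVIEW: no explicit setting. OK: telnet not listed."""
    transports = block["transports"]
    if transports is None:
        return "REVIEW"  # assumption: platform default unknown, check by hand
    if "telnet" in transports or "all" in transports:
        return "TELNET"
    return "OK"  # e.g. "ssh" (option one) or "none" (option two)


def audit(config_text):
    """Return [(label, status), ...] for every vty block in the config."""
    results = []
    for block in parse_vty_blocks(config_text):
        if block["first"] == block["last"]:
            label = "vty %d" % block["first"]
        else:
            label = "vty %d-%d" % (block["first"], block["last"])
        results.append((label, classify(block)))
    return results


def telnet_exposed(config_text):
    """True if any vty range accepts telnet or needs manual review."""
    return any(status != "OK" for _, status in audit(config_text))


if __name__ == "__main__":
    for label, status in audit(SAMPLE_CONFIG):
        print("%-10s %s" % (label, status))
    print("needs attention:", telnet_exposed(SAMPLE_CONFIG))
```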

Enterprise gear is for home users too…

 

 

 

 

I live in a friendly community, and many of my neighbors fall in one of two categories:

  1. Retired
  2. White Collar Employee

When I head on downstairs in the morning, open the front door for my little dog Ayden to do his morning thing, I often connect with my neighbors.  They are walking, jogging, and running around our community. Retired people are always looking for a good deal, something that will outlast them, add value to their day to day life and provides the best bang for their buck.

Recently my neighbors across the street from me both retired were extremely frustrated with their Cable bill skyrocketing to an unprecedented monthly expense.  I couldn’t agree more with my neighbors, I had recently experienced that drama myself and took corrective action to resolve this issue.  I explain that in my post titled Bye Bye DirecTV hello Tivo feel free to read it for details.

My neighbor Paul, a retired Boeing Exec, inquired on how he could save money.  Well, I brought him over to my house and showed him my Tivo setup.  He was impressed, went home, performed some additional research, discussed with his wife Kirsten who is a retired lawyer, and they pulled the trigger on ordering Tivo.   A few days later he called me up and asked me if I could help him set up the Tivo.  He listened to everything I had mentioned as he had been down to Comcast, picked up the self-install kit which included a cable card, and was ready to go.

I headed over there, installed the Tivo, connected it to the WiFi, and performed a little re-wiring, removing them from Frontier Fios TV and onto the Comcast TV service. Everything started working just great except the Internet connection was spotty. After investigating the Internet issue and hearing it has been an on-going problem in their house, I determined that the router/wap they were using was not good enough. It was located on the opposite side of the house.

Paul’s son Evan had been recommending to his parents the Netgear Nighthawk which was $499.99 and promised the world.  While I’m sure this would have improved their service, I still believed they would have been challenged by the fact that, the router/wap was on one side of the house, while the Tivo was on the other side.

Ubiquiti Networks:

I told Paul that I do not recommend they purchase the Netgear Nighthawk at 499.99 as it’s just too expensive. I brought him back over to my house, took him to the center of my house, and had him look up. He didn’t know what he was looking for. I showed him the Ubiquiti Unifi Access Point (AP) which is pictured here. He mentioned it looked like a smoke detector and I responded with exactly. It doesn’t look out of sorts. I also explained you could disable the blue light, though I prefer to keep mine on as it works out to be a great nightlight in our hallway upstairs. I went on to explain this one device provides excellent wireless service to my entire house. On average, I have about 25 devices always connected to wifi. He went home and shared my knowledge with his wife and son. Evan, his son, is a gamer and was quite concerned about my proposal and how it could affect his gaming experience. He also had a hard time believing that an 80.00 WAP would outperform the 499.99 Netgear Nighthawk he has been recommending to his parents. I assured him it would not affect his gaming; I didn’t promise it would make it better or worse, I simply said he should have the same gaming experience he is currently enjoying. I provided them a list of parts they needed, as I was also recommending they lose the Frontier Router, we move it to the garage, and convert them from HPNA (Frontier’s way of handing the Internet to you through coax like Comcast) to Ethernet handoff. Each Frontier ONT can deliver the Internet through Coax or Ethernet. Well, they ordered the equipment, which was the following:

  • Unifi Security Gateway ($110.00)
  • Unifi Wireless Access Point ($79.00)
  • 500ft Cat5e cable (39.00)
  • I provided the rest from my inventory

So after all gear was onsite, I started out by running the ethernet cable from the garage to a center point of their house, which happens to be a hallway near the entrance of their house. I climbed through the attic pulling the ethernet cable through, following the alarm cable runs. We then drilled a small hole from below that allowed us to fish the ethernet cable down into the living space. I was done in the attic. I then headed back down, and we terminated the cable by putting an RJ45 jack on the end, mounting the ceiling bracket near the exit point where the cable was egressing from, and then proceeded to plug the cable into the AP and twist the AP onto the mount, finishing that part of the project. We then moved to the garage where I had pulled the other side of the ethernet to, drilled another hole and fished the ethernet cable through that hole into the garage. Next, we went outside where the ONT (Frontier FiOS box) is located and ran another cable from there through another hole we drilled in the exterior wall and into the garage. After that was done, I put an RJ45 jack on that end, plugged into the ethernet port of the ONT, and stapled down the cable so it was clean and secure. Inside the garage where we decided to terminate this equipment, I climbed on a ladder and began to mount the various pieces of equipment as you can see illustrated in the picture below. In essence, I landed the two-port ethernet biscuit with one port going to the Frontier ONT, and the other port running to the Unifi AP. We proceeded to mount the Unifi Security Gateway, power strip, POE adapter and power adapter for the Unifi on the wall. We then powered everything up, programmed it all into the Unifi Controller which we installed on one of the machines in the house, and started testing things out.

Everyone in the house was amazed at the difference this equipment made. The interface is beautiful and detailed, providing a lot of insight into their Network such as Netflow Graphs, most active device, etc. Evan was quite pleased with the Interface. He then proceeded to test his games for the next week. I had traveled out of state after completing this and was gone for a week. Upon my return, I stopped by my neighbor’s house to check in on them. They were just amazed at everything and could not be happier. All this happened back in January of 2017. Fast forward to March 2017, and they are still pleased and amazed with the recommendation. Google, Linksys, Netgear are all coming out with new Router/Firewalls with WiFi built in. I have seen the pricing on these devices at 200.00 and up. I would seriously look at the Ubiquiti gear not just for work but home use too. Its price, quality and feature functions are on par with the enterprise competitors such as Cisco and others. They also have an online portal from which you can manage your infrastructure from the cloud at NO ADDITIONAL cost. Cisco charges an annual fee for this cloud feature. A client of mine I was consulting for recently just paid Cisco $1,700.00 to renew it; they ordered another AP for expansion that ran them $1,100.00, not including the cabling and labor costs. All in all, Unifi may be cheap, but don’t judge a book by its cover. This is a fantastic product.

 

 

Microsoft Loves FreeBSD

Microsoft has come a long way over the years, from considering Linux and Unix a cancer to embracing the competitive operating systems and investing in their success. Microsoft has been personally developing its own branch of FreeBSD that will adequately function on Hyper-V and Azure.

Microsoft is also contributing its development work on the FreeBSD Kernel back to the upstream source which benefits all parties.  The work they have done means, FreeBSD will fully integrate and work with Azure and Hyper-V environments plus, Microsoft will support FreeBSD versions 10.3 and later through Microsoft Support.

When Microsoft was questioned during a Q&A session regarding its involvement in FreeBSD development, they indicated the main reason Microsoft is developing its own version of FreeBSD is to ensure customers have an enterprise service level agreement (SLA) for FreeBSD VM’s running in Azure or Hyper-V.

“In order to ensure our customers have an enterprise SLA for their FreeBSD VMs running in Azure, we took on the work of building, testing, releasing and maintaining the image in order to remove that burden from the Foundation. We will continue to partner closely with the Foundation as we make further investments in FreeBSD on Hyper-V and in Azure,” said Jason Anderson, Principal PM Manager at Microsoft’s Open Source Technology Center.

This is an exciting time where technology competitors can join forces and start working together.   The future for Technology is only going to get brighter, more exciting, and competitive in other ways.  I look forward to seeing what’s next in our evolutionary step forward.

DirecTV Now

If you have not already heard the hype, then pull up your chair and continue reading. DirecTV is in the process of making a huge change to the way it distributes its content.

Launched in late 2016, DirecTV started streaming its Satellite TV service over the Internet under the brand DirecTV Now. This streaming service provides over 100 Live channels to your computer, tablet, phone, AppleTV, AmazonFire TV, and more devices soon. This is going to be a game changer for the industry, opening up access to the DirecTV ecosystem by giving users unable to install satellite dishes another medium to consume the service, using their broadband service instead.

I subscribed to DirecTV Now which cost me $35.00 per month. The Service provides over 100 channels of TV.

I added HBO for only $5.00 per month, which allows me to keep tuned into Game of Thrones. For someone who was paying DirecTV 183.00 per month to watch all my shows and is now paying $40.00 with HBO added, this is a tremendous saving per month. DirecTV Now is also offering a FREE APPLE TV for signing up and pre-paying for the service three months in advance. This is not a bad deal considering the cost of an AppleTV. For those DieHard NFL Sunday Ticket fans, you can get the NFL Sunday Ticket through the AppleTV with or without a subscription to the DirecTV Now Service. I would recommend you give this a try. They have a free trial with no obligation.

Click Here to check out DirecTV Now

Wiping the cobwebs off of my video production skills…

Lights, Camera, Action! Those were real words I used back in the early to mid 90’s when I was full time into Video Production. I spent four years dedicated to the art using technology far different than what’s used today. We used mostly Commodores running a program called Video Toaster, and we used Macintosh Computers, not the ones running OSX, but the early day ones that looked funny compared to the fresh looking ones today. I would spend countless hours screenwriting, scripting, planning, producing, editing, and releasing videos. Some were on public access TV, others were used in training videos used by the Sacramento County Government, and I even got the opportunity to work on a soap commercial with a famous Hollywood director. Video Production back then was a lot of work that required setting up scenes and shots that could take up to 8 hours for just 30 seconds to 5 minutes of footage.

Recently a very renowned Chef in the Seattle area passed away suddenly, and family/friends were scrambling to make preparations for his funeral/memorial service. They had hired a company to create a photo slide deck with music playing in the background. They were presented with the work only to go into panic mode. One of the individuals working on making this event perfect reached out to me, recalling my past and fondness for the art. I had about 12 hours to put something together, and I did. It was exhausting and challenging, since I do not know any of the people I was making the video for and had little context or translation into the photos other than who a few of the people were, etc. I chose to use iMovie given the time constraints and my fear of trying to re-familiarize myself with Final Cut Pro or Adobe Premiere, knowing that this free tool built into OSX was available to me. While it’s limited in what it can do, they were blown away by what I put together.

I added my transitions and grabbed some footage outside of the photos they provided to dress it up a little more. Marcus, the individual who passed away, came from Scotland. I had several photos from Scotland and his family there to throw in. I saved those for last and added a tribute to his Scottish roots. I’m a big critic of my work. I look at it and see so much that needs to be done; they looked at it, accepted the draft as final and said it was unbelievable. I guess I should try and be a little less critical of my work.

 

Please Click Here to watch the video I made for Marcus using Apple’s iMovie

 

For those interested in the Video Toaster, Click Here to be taken to the Video Toaster Wikipedia page.

As always, thank you for checking out my blog.

Regards,
-Will

Installing FreeBSD 11

I completed my first tutorial today.  It was a long process but a fun one.  I’m looking forward to creating other tutorials.  This tutorial focused on Installing FreeBSD 11 under a Hyper-V 2012 R2 environment. You can check it out by Clicking Here

Hover-boards, reality now?

Have you ever watched Back to the Future II and wished you could ride on that hoverboard Marty McFly was riding on? Well, your days of waiting may soon be over. I have come across a couple of Hover Board solutions that are just amazing. Let’s start with the first, which is a group of guys in France that have created a board which can take you up, up and away. I attached a video below of the solo flight for your review. They call this new device “The Flyboard Air.”

Zapata Racing – The Flyboard Air

This device can take you up to 10,000ft off the ground, has speeds more than 90mph, and just looks really cool.   I want a Flyboard.  Technology is getting closer and closer to what we saw on TV in the 80’s and 90’s.  TV inspired a generation of inventors to take the fiction, and turn it into a reality.

You can find more information on The Flyboard Air. Click Here to be taken to their site.

Lexus Slide – Hover Board

Another hover-board worth mentioning is the Lexus Slide. This hoverboard is more in-line with the hover-board of Back to the Future II, and at first, was difficult to believe that you can actually hover above the ground, over water, literally floating through the air. I would say this is an actual hoverboard that hovers under the same concept that gave life to Marty McFly’s board.  However, this technology is not without its limits.  The board has superconductive material onboard that is cooled with liquid nitrogen minus 197 degrees.  This superconductive material rides on top of the extreme north and south magnetic poles.  For this to work, they needed to create two magnetic north and south poles that allow the board to balance in the middle.  Watch the video below to see this in action.

If you would like to learn more about the Lexus Hoverboard, the technology behind it, etc., you can Click Here to be taken to the Lexus Slide’s Hover Board site.

I’m excited about what the future holds for us all, and I look forward to seeing what is coming.

Respectfully,
-Will