35% of Microsoft Exchange Server Deployments now in the Office 365 Cloud

Everyone knows that 'The Cloud' is the trend of the moment (as we write in 2015), and quite a journey it has been.

A couple of years ago, Onega did not recommend that clients used Office 365 as at the time it did not do everything you needed to do, that you could (and did) regularly on a server based office system. However, since 2013, Microsoft have continued to improve their cloud offerings to the point that it is now on a par with on-premises IT, and in some cases is overtaking this to go beyond. For example now, if you want to use MS Office on your iPhone or iPad, the only way is in conjunction with an Office 365 subscription. Windows 10 and Office 2015 will only be more integrated with the cloud and the lure will most likely be compelling for everyone not yet on the cloud at that point.

One of the benefits of the cloud is that it facilitates rapid iteration. i.e. instead of the traditional software model where you release software, install it on client systems, maintain it and then upgrade with Service Packs, roughly annually, and then upgrade to a new release two or three years down the track; now upgrades happen behind the scenes on a central service, are instantly available to clients without local IT having to do anything and are largely transparently to users. Office 365 has now had more than 25 iterations and a few more will likely be through before the end of the year.

The other big change in the last couple of years is that fibre broadband is now (nearly) pervasive, and fast wireless services are available elsewhere which typically give up to 50Mbps speeds for £3X a month on a business grade connection.  For established companies, the SuperConnected Cities Project (see http://www.onega.net/blog/superconnectedbroadbandvouchers) allows for free install of 'real' fibre Internet for very high speeds and SLA's. Thus you can now both have your cloud cake and eat it.

So back to the headline of the article here. Building momentum and phenomenal growth in Cloud and adoption of MS Office 365 (mainly because the case is compelling all round) means that we are now at the point where a grand total of 35% of all MS Exchange's installed user base is now on Office 365 and Exchange Online (the email only version of Office 365).

That's quite a statistic and we'd not be surprised if this was over 50% within 12 months, if not more. In fact we'd be surprised if this was less by that time.

So here, the market speaks volumes and if you've not yet got a cloud strategy then please do sign up for a free trial via Onega and feel free to get in touch to run through your particular setup and how we can help you get the most out of the Cloud for your business. http://www.onega.net/contact

 

Onega Rated Strong in report of the UK's Largest 1000 IT Consultants

Onega is happy to say that we've been rated as 'Strong' in the latest Plimsoll Analysis, which covers the IT Services and Consulting sector and rates each company in one of five different categories; Onega is up at the highest step on the scale. Having been established since 1998, Onega have been growing slowly and steadily over time. Onega have no debt as a company and enjoy positive cashflow (mainly thanks to Heather and Nicola in Accounts who keep us on the straight and narrow with invoicing, admin and finance etc.)

You can see the headlines of the analysis at http://www.plimsoll.co.uk/marketreports.aspx?market=it_consultants - this shows that in the sector nearly a quarter of our competitors are making a loss or are categorised as being in Danger.

We're planning on being around for the long run.

The Importance of Using Secure DNS Servers

All good IT administrators know that maintaining a secure, productive and supportable computing environment means considering (and implementing) security at many levels. There is a whole load more to it than just installing a virus scanner on all your computers (though deploying a good antivirus and anti-malware solution is of course one element in this). Ideally you'll have Endpoint protection for AV and Malware on all desktops, laptops and servers (Onega tend to recommend and use Kaspersky, AVG and MalwareBytes depending on use case), but also a secure firewall (e.g. a good Watchguard XTM or similar unit) and external cloud based email filtering to reduce the risk of anything untoward getting into your network in the first place.

One thing we are also now recommending (aside from reminding people about limiting use of full admin rights to a PC - see http://www.onega.net/blog/2015/6/4/are-you-logged-in-with-admin-level-credentials-on-your-computer-right-now ) is to set your external DNS servers to be secure servers.

In QA format - here you are:

Q. What is the difference between Secure and Non-Secure DNS Servers?
A. In this context, the answer is that a standard or non-secure DNS server does a good job of DNS resolution and turning your request for http://www.randomwebsite.com/ into the IP address (143.95.83.184 in IPV4 Land as I type) that hosts the site for your web browser to connect to or your email to be delivered to etc.  The resolution process is simple, fast and robotic and the DNS server will cache entries for fast response or look them up for you recursively from first principles and the Root DNS Servers. When the server has the result then it gives it to you.  A secure DNS Server adds an extra level of security to this process. It will lookup websites and Internet addresses, but before giving you the result, it will check that the IP address is of known good or known bad reputation (or check it with a virus scanner first); such that if the site is deemed clean then your computer is given the IP address in the blink of an eye. If the site is one that you'd probably be glad not to be visiting, then the DNS server will redirect you to a harmless web page which will let you know why you are there.

Q. Put simply, what is the benefit of secure DNS?
A. It helps reduce this risk of accidentally browsing to an undesirable website that might otherwise have tried to install malware or other junk on your computer. Thus you are very likely to save hard money through reduced downtime and lost productivity and also less time to fix (and cost of fix) on a machine otherwise.

Q. Which Secure DNS Servers to we recommend?
A. The two main contenders at the moment for secure DNS are:

Comodo Secure DNS: 8.26.56.26 and 8.20.247.20
(See https://www.comodo.com/secure-dns/index.html )

OpenDNS: 208.67.222.222 and 208.67.220.220 (others are available on premium packages - these are free for public use)
(See https://www.opendns.com/ )

Q. How to we implement Secure DNS?
A. Make note of the DNS server addresses above, and either set these individually on a PC / laptop (if not in an office environment) or else set these servers as the DNS Forwarding servers on a Linux / Windows / Mac Server DNS server in an office environment. DHCP should give out DNS servers that relate to these (or actually give the addresses out if you don't have an Active Directory environment).
.. or just ask Onega of course and we can help configure these for you quickly.

Q. Is there a Cost?
A. If you are a business then it is of benefit to subscribe to one of the premium services which has a modest charge but this is of relatively trivial level and soon, anecdotally, pays for itself. The premium services also give you the confidence of an SLA as well as extra features. On the setup / installation / configuration of secure DNS in your environment, Onega would do this for you, either free if you are under a proactive maintenance agreement with us, or based on our standard PAYG time charges (it would normally take no more than an hour on the average client network servers and firewalls, unless you have a really big system).

Q. What about Google's DNS - is that Service Secure? (8.8.8.8 and 8.8.4.4)
A. No, not in the sense being discussed here. Google being Google, that is likely to change over time.

 

Are you logged in with admin level credentials on your computer right now?

If you are reading this then there is a fair chance that you're categorised as a 'power user' or a full administrator on your IT systems. There is also a fair chance that right now, you may be logged in with an account that has admin rights to your local machine.

If you ask someone: 'Do you need admin rights on your computer?'; the answer, 90% of the time, is: 'Yes, I could not work without this'. Psychologically, we all like to have the power of full admin control to our own computers all the time. If you are used to having full admin rights to a local machine then this is hard to give up, and giving this up can be akin to giving up smoking, gambling, etc. Admin rights are addictive!

There is a strong case for best practice (basically not disputed) for having permissions set on the basis of least required permissions. Part of this is making sure that you only use the login / admin / access rights that you need at the time. For normal day to day use, we should only be logging into a computer with 'user level' access.

The reasons for this are many and whilst you probably already know these, the key ones are worth reiterating:

1) Reduced Malware Surface and Risk - By using a user level permission account in day to day use, you minimise the impact of any malware that you may inadvertently come across while browsing the web etc. Whilst there may be some malware that can very cleverly bypass permissions on a computer, or exploit zero day flaws, assuming your computer is up to date, then you reduce the attack surface (and hence risk of contracting malware, Viruses and APTs (Advanced Persistent Threats) on your computer by about 95% by using user level rights most of the time.

2) Regulatory Compliance- Nearly every IT security and relevant industry regulation standard specifies that organisations should adopt the principle of 'Least Privilege' . This includes UK PCI DSS standards, ISO27001, Sarbanes Oxley, UK Financial Conduct Authority (FCA was FSA) etc. This covers not only compliance from the security stand point, but also in compliance with company IT policies - for example, with company software licencing and authorised software. If a user does not have admin rights then they can't install a bit of software which is not approved or licenced. Thus, administrators and company managers can be confident that there are not any hidden liabilities around and that change control is maintained. We've seen many occasions when a user might install a piece of software that either 1) has a hidden (and very undesirable payload) or 2) causes unexpected repercussions if, for example, it installs DLLs that then cause other software to run less reliably - which may not be easy to diagnose as the problems might not appear straight away and sometimes are only cured by a restore from image backup or at worst require complete PC rebuild.

3) Evidence Proves the Point - Analysts such as Gartner have proven that statistically, if you remove admin rights from most users, then you reduce security breach incidences, but also save money and wasted time in IT support. Having least privilege makes for a more supportable, reliable, productive and hassle free environment, and with lower support cost through both reduction in direct support costs, and lost time in productivity if a user is unable to work for a while..

If you want a second, third or fourth opinion on this, Google 'IT security best practice for least permission' or look at other blog entries like http://blogs.gartner.com/neil_macdonald/2011/08/23/the-single-most-important-way-to-improve-endpoint-security/  - who make the point well also.

So how do we address this practically?

The first thing is to admit that we have a problem and accept that you may be an 'adminrightsoholic' personally or indeed even suffer from endemic CEPS - Corporate Elevated Permission Syndrome to coin a phrase or two.  You know you have admin rights, that others have full admin rights, and that you should give these up in every day use - you could give them up but you choose not to. Maybe you should stand up right now and state to the office that 'I'm an adminrightsoholic and I'm admitting this as the first step to changing my ways. I know it is not going to be easy and I'm going to ask for your support as trusted colleagues in getting through this tough time for the benefit of myself and the company. Will you join with me in this righteous journey?'

The key is to take things one step at a time, and learn to live with user permissions one day at a time.

The first steps:

We can address this personally and across a company. In taking Gandhi's words to heart that you should 'be the change you want to happen' the first place to start is on your own desktop or laptop computer.

If you are an administrator in a company, or genuinely (in this word is a world of debate and access to regression) need access to admin functions on your computer, then the best thing will be to create (if you don't have one already) a separate local admin account on your computer e.g. if you are BobP and this is your normal login, then you could perhaps create an account called 'bobpadmin' or suchlike. Both your new and normal accounts should have secure (complex passwords which are not easy to guess or Password123 etc.). Give the new admin account full local machine admin rights. Then log out of your normal account and log in with the admin account. Remove admin rights from your normal user account (on the local machine, such that you are only a User (or any other special groups you need). Then log out of the admin account and back in with your now only regular user level account. Congratulations; you just went cold turkey on desktop admin access on your Windows PC. Continue to work as normal and you can feel smug that you've given up your full admin permissions in day to day use. If and when you need to install software on your machine then you can;  but run the installer as your admin account.

You'll find that actually everything works fine. In reality we don't install software very often so you'll only rarely need to enter the higher level account details for elevated permissions. If you're still considering all this, ask yourself when you (knowingly) last installed a piece of software on your computer.

As I type this I can admit that 'I used to be an adminrightsoholic' and now I've turned a leaf. It was hard to do it but now I'm glad I have and like many things, this is something I should have done long ago. I can now be the most annoying type of reformed addict who can evangelise to the world about the benefits of giving up.

At the wider corporate level though, it is important that users and rights are documented and set on the principle of least permission. Some users may genuinely need admin rights but best if the dual account method is used here to minimise use of elevated rights, which includes for very senior network admins who should likely also have both a user level and an admin account so that things are done the right way and in the right place. If you are an Onega client then you'll have access to our Policies and Procedures Wiki Site where you can see formal policies for some of these. see http://intwiki.onega.net and the relevant section on this. If you don't have access to this and are a current client then feel free to contact us by any means at http://www.onega.net/contact.  If you're not a current client, we'd love to chew the fat and talk IT and about you becoming one :-)

Some advanced solutions exist to manage elevated permissions and remove various back door risks and human risks including  Avecto and  ViewFinity. However, beginning with the simple steps above is a good start. If there is enough demand, we'd be happy to run support group sessions for recovering adminrightoholics where you'll be amongst friends.

Wishing you happy and safe computing but bear in mind that, just like all the best fictional characters, IT superheroes should remember that whilst it is great to have superpowers, you should: only use them when you really need to, only use them for good and keep them hidden at all other times.

How many IP Addresses? Onega say hello to IPV6

Internet Standards are evolving all the time, but the fundamental addressing mechanism that allows one computer to talk to another on the Internet has been in place since 1981. Called IPV4, it allows for 4 billion network notes on the Internet which seems a lot and, back when initially only tens and then hundreds of computers were connected to the Internet, would have seemed a huge number at the time in the same way that Bill Gates was once quoted as saying that '640K was more memory than anyone would ever need'. Over time these have all been used up and allocated such that there are, in the great scheme of things, very few left. If you've come across addresses like 192.168.X.X on your network computers or 89.106.X.X for other machines etc. then these are the IPV4 addresses.

The next generation of Internet is being built on IPV6 and this will allow for a world where everything from your socks to kettle are likely to have an IP address. It will not be long before it, by necessity, becomes mainstream and in use daily. Google, Facebook and other big websites are already IPV6 enabled and everyone else is gearing up. If you have a Windows 7, Windows 8 or Windows 10 PC or laptop and/ or Windows Server 2008 or 2012 then you are most likely already using IPV6 without realising it (if you like to tinker and want to see this in action try disabling IPV6 on a Windows Server and see what happens - actually on second thoughts don't, as things stop working without IPV6 enabled internally on your network).

Onega's core service network is no supporting IPV6, and we have a new allocation of IP Addresses from RIPE (the European coordinator of IP addresses) as Onega are a Local Internet Registry. For IPV4 we have an allocation of a /21 network which gives us 2,046= hosts / networks (and we have to be careful to conserve these). Our new IPV6 allocation is: 2a04:cf00::/29 - this does not look much but actually represents a significant increase.

In numbers, this is  633,825,300,114,114,700,748,351,602,688 addresses.

In Words this is: six hundred thirty-three octillion, eight hundred twenty-five septillion, three hundred sextillion, one hundred fourteen quintillion, one hundred fourteen quadrillion, seven hundred trillion, seven hundred forty-eight billion, three hundred fifty-one million, six hundred two thousand, six hundred eighty-eight.

Yes, that's a big number and we're still getting our heads around it!

Usefully, the RIPE website has a button to 'apply for more IPV6 address ' but we suspect that this will not be called for very often. Maybe in 2050 there might be another iteration needed but right now it is hard to think of how all these addresses can be used up; even if you really do have lot of socks.

More seriously though, here at Onega we are aware that change is coming and consider this on behalf of our clients. Any new equipment we buy is considered for IPV6 compatibility, and you should avoid anything that is not IPV6 compatible as this would thus be pre-obsolete.

IPV6 as a topic is something that is currently coming up to the boil, and when it gets there it will be a very big thing. We predict it will be a salesman's dream to replace anything that is not compatible with new models that are when the time comes. By thinking about this early you can ensure a smooth transition for your networks.

Interestingly geopolitics or geotechnocratics comes into play here. Historically America had (and still has) the biggest allocation of IPV addresses whereas countries like China had a virtually nil (or very much smaller) allocation, befitting their IP addressing needs at the time (China in the early 1980's was not big on the Internet). Thus countries like China are actually way ahead of the USA now on IPV6 adoption, through the simple necessity of pressure their IP V4 allocations caused - so we see vendors like Huawei (if you've never heard of them they are a hard competitor to Cisco and have over 100,000 members of staff making all sorts of computer and communications equipment and selling all over the world including to BT) competing hard with Cisco and ahead on IPV6 support where some American companies feel like they are dragging their heels somewhat and still selling yesterday's solutions. That will change soon enough though.

This article has been written mainly for interest and a little education perhaps, and also to demonstrate that here at Onega a big part of our work is looking forward, anticipating needs of the future as much as those immediate ones of today so that we are ready to help architect transitions to the core topology that will see them through the next decades.

If you have any questions or comments on this or other issues, please don't hesitate to get in touch - we like talking tech and this is certainly something you want to 'have a strategy' on.  http://www.onega.net/contact .

Have you updated your TPS and FPS registrations recently?

TPS - The UK Telephone Preference Service

The Telephone Preference Service (TPS) and Fax Preference Service (FPS) exist to reduce the number of unwanted (junk) phone calls that you get on a phone line by allowing you to register your number on an opt-out basis to say that you'd rather the telesales people left you alone, thanks very much.

This is a free service in the UK and has to be renewed / re-registered annually. It takes 28 days to take effect from when you confirm the registration. Once this is in place, it is illegal in the UK to call you with an unsolicited sales call. Companies who use direct marketing must check and respect the register and if they violate the UK's direct telemarketing rules, then you can complain and the company or individual responsible can be fined.

There are a couple of caveats to the rules, but generally 28 days after you've registered your numbers, you should find that if you've been plagued by time wasting unwanted calls then these will drop off noticeably.

To register visit the website http://www.tpsonline.org.uk/tps/index.html - and fill in the form there. Remember to list all your company phone numbers - IP / VOIP phones, analogue phones, ISDN lines (base numbers and DDI ranges) . You can also (and should) also list your staff's mobile phone numbers (if they are personal phones rather than business phones check no one has any objections to theirs being registered first - 99% should thank you for it though). For mobiles it stops you getting PPI and compensation claim calls and the likes - through voice (human or robot) and also works for text (SMS) messages. All of these calls can be annoying and distracting and divert our valuable time from more productive activities.

If you get unwanted (spam) SMS text messages to your UK mobile phone you can (and should) forward these to 7726 on any network (Vodafone, O2, EE etc.) and they are then investigated and traced / blocked / prosecuted (and the good news is that companies are now being actively fined big money for abuse here so there is more disincentive to continue to abuse people). An easy way to remember the 7726 code is that it spells 'SPAM' on your phone's numeric keypad. Even if a spam SMS message comes anonymously the networks can trace them.

FPS - Fax Preference Service:

The Fax Preference Service is just like the TPS but, as you might guess, applies to fax lines and machines. You visit the website and register your fax line(s) and confirm as for the phone preference service. This stops junk faxes that waste your time, paper and ink / toner and tie up your line. Registration is at http://www.fpsonline.org.uk/fps/

Many companies are at the point now of retiring their fax machines and terminating their fax lines. Here at Onega we maintain just one fax machine & line for the odd time it is needed, but this is increasingly rare. Do ask yourself when you last used your fax machine; if you have to scratch your head for long, do call us about getting it cut off. If don't already have one, scanners are now very good and many copiers or multi function fax / print / scan / copiers scan better than they fax. Sending a scan as an email attachment is cheaper (especially internationally) than a fax, as well as clearer.

How Onega can help:

For Onega's IT & Telecoms support clients, we can help make sure that you are registered and, with your authority, can also do the admin of registering and renewing TPS and FP registrations for you. We're not just about fixing computers, we're about making your working experience better and getting rid of some of these junk calls is a good win for all :-)

For more information you can visit:

http://consumers.ofcom.org.uk/phone/tackling-nuisance-calls-and-messages/marketing-texts/
http://www.tpsonline.org.uk/tps/index.html
http://www.fpsonline.org.uk/fps/

And, as always, please feel free to get in touch: http://www.onega.net/contact

Onega provide subsidised Internet connections with Connection Vouchers

Onega Ltd are fully registered as an accredited supplier for the UK Government's SuperConnected Cities Connection Voucher Scheme. This allows us to provide (for qualifying companies) free fibre and other fast business grade broadband service installations. The subsidy here covers up to £3,000 of install costs and is designed to help kick-start the next phase of the UK's digital economy.

Having enjoyed 100Mbps and gigabit Internet speeds here at Trinity Buoy Wharf for the last couple of years, we can attest to the benefits of very high speed broadband. The Internet just works and downloads, video calls etc. are all smooth and seamless which is how they are meant to be. If you are currently on ADSL, ADSL 2+ etc. then you'll benefit from a big improvement here.

If you are located in London or Docklands and want to experience how Gigabit Internet feels, then bring a laptop and visit us and we can plug you in :-) The SuperConnected cities project now includes areas in the UK from Newcastle-upon-Tyne to Chelmsford and Southend (and many other cities).

It is important to remember that the subsidy is only on the install costs and that you have to pay for ongoing costs, but you also reap the benefits at the same time.

Based on a postcode and phone number, we can check quickly which providers cover your area, and what the best deals are based on your requirements. Please do thus contact us for a quote with no obligation.

To further reduce the costs, if you have some neighbours who are also interested, you can split the costs and the benefits with them, so that you only pay for a portion of the ongoing costs but benefit from all the speed available. We've done this a number of times and can help to broker 'good neighbour' agreements on the lines. Sharing an Internet connection is still secure as you'll have your own firewall (something else we can help with if needs be).

See https://www.connectionvouchers.co.uk/cities/ for details of the cities that are covered. We can help you get quotes and fill in the paperwork (all electronic forms now) to apply for your voucher. Then call us on 020 7536 6350 to see how we can help or drop us a line via http://www.onega.net/contact .

Insource, OutSource, Co-Source or Tomato Sauce?

When it comes to managing IT in a small to medium (or even large for that matter) organisation; there can sometimes seem to be too many choices as to how to do things.

The tough job of the IT Director (or board level member or team) is to work out which is the best path for a given company. There are many conflicting options and vendor advice is often tainted by sales pitch and ulterior motive.

Before any decisions can be made, it makes sense to think about what decision is to be taken and why this is to be taken. Here some impartial outside advice can help. At Onega, we like to be highly ethical and recognise that if we are asked to help in these strategy decisions, there may be a conflict of interest given that we are a provider of IT services ourselves. To be blunt, we'd obviously stand to gain much more if a company was to choose to outsource all their IT to us than if they chose to manage it all in house. However, we also know that what is in the client's best interests is also in our own best interest in the long run and the most efficient mutual engagement will also be the one that endures the longest as it will be most advantageous all-round.

Onega are also willing to exclude ourselves from an Outsourcing tendering competition if it would mean a conflict of interest at the consultancy level. There is a lot of value in having an impartial partner on board to 'keep the other guys straight' and ensure you are getting what you pay for in service.

So do you insource, outsource or do things jointly. Here are some bits of advice we have and factors to consider in deciding what is right for your organisation:

  • How much resilience do you need in a service? - i.e. do you need a team to cover a role to allow for peaks in demand or would it not matter so much if a service was not provided for a particular period of time.  For example,  if only a single member of staff knows a particular process, then there may be problems if they go on holiday or are ill etc. A team may also be better able to spread the load when everything happens at once which it invariably does from time to time where a single person only has so much resource and capacity.
  • How much is absolute lowest cost an issue vs greatest value? As a rule, if you have enough work to keep a directly employed individual productively engaged the whole time, then this will be best done with direct employment. An outsourced provider and direct employer would (all things being equal) offer the staff member a competitive market salary, pension, taxes, benefits etc. However an outsourced provider also has to make some profit from the arrangement and contribute towards their operational overheads (rent, admin expenses etc.) where a larger organisation would also have to pay these but is already likely committed to paying the rent and HR etc. in any case. 
  • Do you need to formalise processes? In a small internal IT organisation, it can be a perennial problem to instill the discipline to implement full management reporting, job ticketing, ITIL processes (or subsets) etc. Internally this will always be hard as when the phones are ringing (or email pinging in) the urgent matter of helping people with problems will always trump the not so glamorous formal process of documentation and formal process.   Adding an element of external support can help to embed some formal process as it becomes an inherent part of communications with and inside a client where the inside and partner organisations need to collaborate on matters. This can help get to optimal process adoption efficiency.

These are just a few factors. While the fashion is to outsource, it can be smart to do this selectively for projects and services that are outside the normal skill base of internal staff but to keep core resources in-house. There is also the motivation and allegiance of a member of staff to consider.  If an individual is working directly for an employer, then their allegiance will be to themselves, their family and then their employer; whereas an outsourced worker will have allegiance to themselves, their family, their direct employer and then their client, although as the outsourced services provider succeeds when the client is happy, this should be aligned. In some cases this might not be such a clear line.

Onega work in multiple forms of engagement with clients depending on what their needs are and what is right in the circumstances. If and where it is right though, we've had a number of successful and fruitful long term engagements with clients where our IT service desk staff augment the client's in-house resources. This can include providing overflow when it is very busy, an ear to sound ideas off (chances are that we'll already have done and learned lessons from a project you might be considering) and to provide cover when someone is off. By having the skills and engagement from a couple of Onega team members at a client site, the costs for the client are minimal (typically a reasonable minimal number of committed engagement hours per month may be agreed and beyond this we are available flexibly for your service.). This approach typically works for in-house IT staff as well as for company Finance as this helps with keeping the balance of cost / benefit without the need for drastic offshoring which a company may come to regret.

If such an arrangement might work for you then please do feel free to give us a call and we'll be happy to meet and discuss.

Title image kindly from https://www.flickr.com/photos/calliope/439238208

Time for a new Bigfoot?

Technology comes on leaps and bounds but some themes recur, albeit amplified, over time. For example, in the world of computer storage, modern SSD (Solid State Drives) seem to be all the rage as they are fast and reliable albeit limited in capacity and relatively expensive; yet still very good value.

Actually, chip based drives have been around for quite a long time. From my own memory I recall units being available for Early PC and even Acorn BBC series computers back in the day and they had their applications then as they do now (though improvements are leading to predictable pervasiveness).

Traditional magnetic skinny disk Hard drives may be out of favour but they are still selling strongly and have the benefit of higher capacity and lower price compared to an SSD.

Intel has recently forecast that it sees 10TB SSD drives being at a consumer level by 2017, which, with stacked layer silicon, is quite possible and predictable to achieve once the FABs have their capacity in place for the ramp up.

How will hard drive manufacturers respond to this oncoming threat? We have been pondering what we would do if we were in their boots and we think that it is time to herald the return of the Bigfoot drive or its modern successor. In the 1990s, Quantum had success by introducing a drive which bucked the trend of the 3.5" form factor that was and is prevalent for hard drives, and introduced one that was based on the 5.25" width. This is the same width as CD / DVD drive bays in modern computers and many chassis still have ample 5.25" bays. At the time, Quantum's drive offered 2.5Gbytes of capacity when competitor hard drives of the same price were giving approximately 1GB (both of these used to be regarded as big amounts of storage at the time). This high capacity came at the expense of access speed, but not to any extent that stopped them enjoying high sales volumes and it was a well regarded drive.

We think that the same could be done today, and this would find a ready market for bulk storage in the cloud and on the desktop. The reason this works is that the drive surface area is so much larger despite the seemingly small number of extra inches. This is in the same vein that the 12" album allows for about 22 minutes of play on each side vs a 7" single that only runs for 3-4 minutes. The vinyl record is back in fashion, we think the Bigfoot could return too.

Our prediction is that an entry level drive could offer 10 Tb of storage in 2016 and higher capacity editions could easily bump 40Tb. This would find a ready market for example alongside SSD storage for amateur and professional photographers, videographers etc. who might work on live edits on SSD storage and then archive off to the big magnetic disks to preserve their original footage and portfolio. As the world embraces HD and increasingly 4K, with 8K on the horizon, bulk storage has never been in as much demand.

Will any manufacturers make good on our call here? Time will tell, but we are sure that the first to launch such a drive will have a big steal on the market and show that magnetic is not dead yet.

Top image kindly from https://www.flickr.com/photos/bensonkua/3258958203

 

Welcome to The New Dawn of Open Source Networking with Vyos - a Vyatta (now Brocade) Fork

Onega are fans of Open Source software though we are aware that this is not a be-all and end-all in business. Philosophy aside, you have to first ask yourself if an open source project makes economic sense - i.e. weigh up (cost of software aside - Open Source does not necessarily mean no cost) the cost of ownership, support options and if it is the best tool for the job. Open Source projects can be really good, or they can be rubbish!

So, general points on Open Source aside, I recently have been learning about VYOS. This is a Fork (spin out) from Vyatta, which in turn packaged Xorp then Quagga network projects and others to create a fully-featured Open Source router.

Onega have been using Vyatta since 2006, which was early in its conception. We were the first ISP BGP implementation of Vyatta globally and we've been very happy with the software which offers features and protocols that normally are only found on the 'big iron' network equipment such as that from Cisco, Juniper or Extreme, but at a much lower price point (and running on standard X86 / X64 Intel based servers). Vyatta was purchased by networking giant Brocade (best known for their Fibre SAN routers) in November 2012.

When we first bought into Vyatta, the cost was approx. £220 a year for a three year enterprise subscription -  then Approx £450 a year for a similar Enterprise support and update subscription upon renewal and now, at renewal under Brocade (who bought Vyatta out) has gone up to approximately £900 a year. So every three years the cost has doubled. I'm not sure if it can sustain being doubled again.  I guess this is as a result of going from a young and aggressive company being disruptive to the mainstream networking industry through to being a mature part of a big player.

Considering that our need of support for the Vyatta routing software has been quite minimal over time (two primary support tickets in just under ten years is not bad) and given our familiarity with the protocols and the product, the value added makes us question if we need the full Brocade support. Since having been purchased, Vyatta branding has been dropped and so have all references to community and Open Source.

Thus, I was very happy to discover Vyos - www.vyos.net -recently. This is an Open Source fork of one of the later Vyatta Open Source releases and it is actively updated, developed and supported. This is in use at thousands of sites around the world and looks to be just the ticket for Onega's own network use to upgrade our older Vyatta routers. An Intel based server with a modern processor and appropriate network interfaces (typically fibre, gigabit Ethernet and 10Gbps Ethernet now) will provide an excellent and very high throughput server compared to a traditional Cisco router, with more flexibility for upgrading where needed, and no vendor lock in.

We also make use of the excellent MicroTik (www.microtik.lv) routers for wireless and smaller networks and their OS is available separately to their hardware to do similar jobs. But for core networking, Vyos looks like it will fit the bill. Full kudos to the team that continue to work to make it a success in the Open Source project space.

Well worth a look if you are in need of router upgrades to see how this would work in your case. Onega have good experience at implementing and supporting these solutions and they are very much production ready and proven with years of solid core networking use here at Onega and around the world.