, , , ,

Bono Pastore

, , , ,

Bono Pastore = Good Shepherd

This is what we aim to be at Onega. We work with organisations to help deliver smooth IT and related services. We like working with people and machines, and fixing issues. Even better than this we like to prevent problems from happening in the first place.

Before anyone asks we're certainly not likening our clients to quadrupedal, ruminant mammals of genus Ovis, nor do we walk on water. What we are saying is that much of IT, like many other things is about procedures, routine and best practice. Watching over a flock is about patience and care. Not glamorous but important. 

In the same vein, here at Onega, we are thus planning to address a number of IT focus areas with clients during the course of 2016. The pattern we plan to set and repeat here will be as follows:

  1. Identify key areas of IT that may cause risks for clients.
  2. Ensure we have best practice solutions and procedures available to address these.
  3. Communicate the focus area and engage with clients to address this.
  4. Create and fill out appropriate checklists so that we capture any relevant information and actions.
  5. Agree on a plan to resolve any issues; so that things are brought as close to optimal as practicable and document exceptions where there are good reasons why not.

During the course of these processes we well be looking at the same aspects of IT operations across multiple clients so we have the benefit of scale in the effort and the team will be well briefed on the task at hand to ensure you are getting good advice.  The outcome should be more robust systems implementations, documented procedures and policies, and documented systems and responsibilities. 

The engagement that Onega has with clients varies widely. For some clients we manage entire IT estates and systems, and for others we provide ad hoc assistance as you need us. Thus, one of the first parts of an effort is establishing the relevance of an area of IT to a client, who is responsible for this aspect and who will carry out the work and under which contract.

We fully expect that not every proposed Bono Pastore engagement will be relevant to every client so where you are happy to take care of something yourself this is documented, and where you'd like our assistance in a matter big or small we are happy to help with that. One big benefit for everyone is that the process should help make everyone aware of aspects and ensure that any ambiguity in responsibilities (or duplication of effort) is addressed and removed. 

The first pass of this series of best practice benchmarking exercises is due to start soon with DNS - Domain Name Services. This is one of the underpinnings of the Internet and something we use every day for conduct of business. Thus it is one that affects just about all clients so expect a post and for us to be in touch about this. We may even make it a podcast topic soon to go into more detail. We're mindful that we should communicate more about what we do as much of good IT, if done right, will not be seen but contributes to things 'just working'. This is ideal but far from universal so we should resist the trap of complacency just as the good shepherd keeps vigilant watch. The wolf is ever hungry but will find tonight's meal elsewhere.

Running the numbers: Longplayer on CD, Vinyl, Cassette boxsets.

Longplayer is a piece of music that will run for 1000 years without repetition. It started on 31/12/1999, so has now been running for 15.6 years as we write.

You can listen to live streaming off the web, or now via iPhone or iPad app , but in case you are the person who must have everything, we thought we'd work out the numbers on the Longplayer Box Set for you:

Longplayer will run for 1000 years. Or...

365,250 Days - based on 365.25 days per year (0.25 accounts for leap years) over the 1000 year run time. Or...

8,766,000 Hours - (that's Earth hours pre-metrification based on 24 per day for anyone reading this from far off in the future) .

An Audio CD is 74 minutes max, a Vinyl LP record is generally 45 minutes across both sides (some are known to have run longer but quality is sacrificed) and a good quality audio tape cassette might run to 100 minutes at the most.

Thus we can work out that to own the complete work of Longplayer, this would equate to 7,107,568 CDs, 11,688,000 LPs or 5,259,600 audio tapes.

From a quick look at Amazon's current average selling prices for the respective media, we'll reference these as, £10 for a CD, £15 for an LP (these are very much back in fashion), and £5 for audio cassette (which we think will be next in line for revival in approx. 2020).

If you'd like the full set; from a production run, you'd be looking at costs ranging from a mere £26,298,000(26.3 Million pounds) for tape through to £71,075,680 for CD to £1,753,200,000 for the LP (one point seven five billion pounds).

The numbers here are slightly moot as, on the one hand, limited edition pressings would have higher production costs and are generally seen as more desirable; on the other hand, with the task of producing the set, an efficient production line could be established to allow the set to be created for you and delivered over the generations. Thus on balance we think the original figures are reasonable working estimates. Don't forget to add Postage and Packaging on the cost.

We'd ask Jed From Post/Pop Records to produce the tape. If you don't know them, Post/Pop specialise in tape and are responsible for a large proportion of the artists in the UK cassette music chart at any one time (if you want a number one selling music tape they are the people to go to).

Recent times have seen the world's super rich indulging in super yachts, fast cars and so forth, but an investment in the Longplayer box set might be seen as one of the ultimate investments in the arts. If you are one of the roughly 1,700 billionaires in the world then Longplayer may be just the understated cultural investment you are looking for. It is also quite relaxing to listen to :-)

For the rest of us, this makes the cost of a Spotify subscription look very reasonable, although Longplayer is streamed for free over the internet (the feed runs over Onega's TBWNet), or can be visited and enjoyed live at the Lighthouse at Trinity Buoy Wharf.

Whichever way you access Longplayer, we hope you enjoy it, and that your descendants enjoy hearing the final notes on Tuesday 31st Dec 2999, which will be broadcast intergalactically via all major sub-etha channels.

Header Photo thanks & credit to Stephen Hill

,

Onega Awarded Silver Partner Status In New WatchguardONE Program

,

Onega have been installing and maintaining Watchguard firewalls for many years, and from time to time Watchguard releases new products and realigns itself with the channel. In the past we have been qualified as Certified Partners, Expert Partners, Silver and Gold Partners over time as the program has changed, and as new models have been introduced etc. Onega first became certified as an Expert Partner when Watchguard introduced their V-Class firewalls (and we have fond memories of our internal V-60 unit at the time) which were amongst the first devices to support 'fast path' architecture to allow for wire speed processing of firewall network traffic. 

Watchguard work with partners such as Onega Ltd to provide secure firewalls for business.

Onega have multiple engineers formally trained in Watchguard, and we pride ourselves that we can configure the firewalls to be more secure than 99% of the world's firewalls, which equates to achieving very high levels of network security as part of an integrated stack for clients.

We are happy that we've fulfilled the technical and commercial criteria to qualify as Silver Partners with Watchguard, and are looking forward to moving to the next step up in the program over time.

, , ,

Onega At The Fujitsu World Tour 2015 - London

, , ,

We have just returned from participating in the Fujitsu World Tour 2015 in London, which was held at the venue of The Brewery, on Chiswell Street in London. This was a useful day and allowed us to catch up on all that was new at Fujitsu, see some of their latest technology on display and chat directly with members of senior management etc.

Fujitsu rolled into London for one of the first events of their 2015 World Tour. Hyperconnectivity and both its impact and potential were key themes.

Fujitsu rolled into London for one of the first events of their 2015 World Tour. Hyperconnectivity and both its impact and potential were key themes.

This year's event was a big occasion, with Fujitsu marking its 80th anniversary of formation. When we are so used to tech companies coming and going, Fujitsu has shown that it is very much here to stay (and indeed growing and thriving as a business).

First item in the day was the greeting from Fujitsu UK CEO Regina Moran who also shared some of the history of the company with us. This was interesting and new to me - Fujitsu's origination was just after the Great Earthquakes of 1923.  After this tragic and devastating event, a team of Japanese engineers made a visit to Germany to investigate the newly developed technology of the automated telephone switchboard and specifically Siemens who were one of the European leaders in this emerging field of electronic communications. This lead to the founding of Fuji Electric, from which Fujitsu Computers spun off (in 1935) and also gives us insight into the origins of the enduring relationship and strong ties between Fujitsu in the East and their counterparts in Germany over time. You may or may not remember that in Europe in recent history until 2009, the company traded as Fujitsu-Siemens computers (when Fujitsu bought out Siemens' 50% stake).

Fujitsu continue to have a large manufacturing and research facility in Germany at Augsburg where many of their business laptops, servers and desktop computers are produced. Where a lot of modern computers are now manufactured in China (not that there is anything wrong with this), it is good to know that computer manufacturing of the highest quality is still alive in Europe.

The keynote address from Fujitsu's Dr Joseph Reger was standing room only.

Next up was Dr Joseph Reger, who used to be Head of Research but is now CTO of EMEIA and a Fujitsu Fellow (the highest rank of engineering within Fujitsu). His background is in academia and we have enjoyed listening to his thoughts in the past, and his take on industry trends and insights are to be respected and in our opinion well worth paying attention to. The key theme of Dr Reger's keynote address was mainly on The Hyper Connected Society, and Human Centric Computing. At Onega we'd think of these as different takes on Digital Disruption, IoT (Internet of Things) and Pervasive Computing. Whichever terminology you use, the key message is the same - society is becoming more and more connected, to the point that we'll think it odd if something is not networked and 'smart' in a number of years and this is going to bring a lot of change, and contingent to this; opportunity for some and threats for others. By 2020, approximately 10 Billion devices will be connected to the Internet.

To give you an idea of the continuing exponential change to come after that - if all these devices were connected only to Onega's own IPV6 allocation of addresses, they would use only 0.0000000000000000003% of our available addresses. Companies have to think about their strategies to be part of this change, to embrace the opportunities, or to be left behind. Good companies simultaneously plan and think about their strategy for the next 12 months, the next 24-60 months, and the longer term. We've written about this at Onega before but it stands repeating - some industries will be created, others will be decimated. Dr Reger was frank that some companies sugar coat this with harmless sounding terminology such as IBM's preference for the term 'Augmented Intelligence' and indeed Fujitsu's own term 'Human Centric Technology' somewhat masks the fact that whilst technology connects people, it also cuts people out of the loop in the interests of efficiency and effectiveness.

There were some good points that we can all relate to. In the current age of technology, even as it is, there are simple things too that can (and will) be improved. One obvious example in the UK, Europe and most of the world, in the field of medicine, is the current status quo; when, typically, you turn up on time for your appointment with your GP and end up waiting for up to an hour to be seen, whereas in time the reverse can be true and the statement of 'Doctor, the Patient Will See You Now' will perhaps be made as per the work of Alex Topol that we link to here.

After the Morning Plenary Session, the rest of the day contained a number of breakout sessions including Government as a Platform (Gaap), Hybrid IT, CyberSecurity, Democratisation of application development in a business, Windows 10 and many others. Like many days with multiple tracks; Murphy's law dictates that the three sessions you're particularly keen on attending will all be on at the same time.

We attended the Partner Session which was a good briefing for Partners (Onega are one of the most qualified Fujitsu Partners in London and the UK) and learnt about progressions in Fujitsu's channel operations etc. Fujitsu works well and is responsive to the partner channel, and they are introducing new concepts to their Innovation Centre in Baker Street as well as continuing to grow UK sales and engineering presence. The business is profitable and growing, and this was only good news. We and other partners asked questions and gave feedback, and the session was in good spirit.  After the session we had a short meeting with Alistair Hollands who is Retail and Volume Sales Director at Fujitsu in the UK, and this was also productive.

Bet you didn't know that Fujitsu make biscuits, beans, soup or FujiFlakes? Sadly, alongside their excellent business smartphones, these are only available in Japan for now. OK, we know you're smarter than that - this was part of the Connected R…

Bet you didn't know that Fujitsu make biscuits, beans, soup or FujiFlakes? Sadly, alongside their excellent business smartphones, these are only available in Japan for now. OK, we know you're smarter than that - this was part of the Connected Retail Display Showcase.

The evening before the event, I'd seen that Fujitsu had a smartphone app (for both Android and iPhone) for The World Tour - this I downloaded to see the agenda and map and it proved useful during the day as The Brewery is not a small venue and some of the halls had a lot of display areas from Fujitsu and their key partners; Brocade, Citrix and Intel. The app was genuinely useful on the day and I noticed that they also had a Challenge Game in this. The goal of the game was to fulfil a set of challenges and take photos which were uploaded for evidence (and embarrassment!) to prove you'd completed the task. These involved visiting nearly every stand and investigating something on it; ranging from the Oculus Rift VR Headset through to the Financial Services Innovation display and storage areas. Fujitsu now thus have photos of me doing dodgy yoga in their Human Centric Zone etc.  The game was fun and while I decided to participate competitively on this and visit all the stands quite quickly for the points, I then went back later and had good in-depth conversations with staff on a number of the stands of most relevance to our work at Onega.

The 3D view from the cockpit with an Oculus Rift in the busy demo hall.

The 3D view from the cockpit with an Oculus Rift in the busy demo hall.

The lunch time break allowed for plenty of time to visit the key stalls and have good conversations with engineers who very much knew their stuff. As with any exhibition style event, not everything brought was working.  One of the displays of interest was a state of-the-art Fujitsu Cashpoint system which incorporated palm vein scanning technology which actually scans the blood veins within a hand with IR to make a map and is more secure than fingerprints as they can't (yet) be copied. Onega have one of these scanners in our own office for staff access identification, complete with the relevant SDK which is quite simple to use.  The demo cash machine however did not want to co-operate, and thus was said to be running in 'Full Greek Mode' as the day of the Fujitsu London World Tour coincided with the day that the Greek government failed to pay EUR 1.5B to its creditors and thus became in default. We do of course empathise with the case of temporary financial hardship and correction in the birthplace of democracy.

Onega's Ben Fitzgerald with a member of the Fujitsu Hoodie Hacker brigade, who had been released for the day to come and demonstrate their ability to keep your network safe whilst enduring air conducting of the 1812 Overture and other impressive&nbs…

Onega's Ben Fitzgerald with a member of the Fujitsu Hoodie Hacker brigade, who had been released for the day to come and demonstrate their ability to keep your network safe whilst enduring air conducting of the 1812 Overture and other impressive feats.

One particularly good conversation I had was with the Fujitsu Managed Security team - they have a number of outsourced services that are relevant to Onega clients and take IT elements that are important but often in reality boring and apply excellence to these. An example of this is in their firewall log file monitoring and management service. Traditionally this is something that would be done by internal staff in a large organisation, but it is hardly the sexy job that everyone wants. Analysing large amounts of data is something that is vital in order to find the needles in the haystack and manage the information that matters. Through best practice and a high degree of automation, Fujitsu can offload this task from an organisation and in 99% of cases do it better - alerting a business to threats and realities that they would want to know about in order to manage reduce the risk of cyber fraud and information (which leads inevitably to financial loss). This service is evolving so that it will be of emerging interest to mid size firms who want to make sure their security is in good hands.

Fujitsu had all their latest laptops on display and these are among the slickest and best built business laptops available - many members of Onega staff are equipped with Fujitsu laptops and for good reason. They are good and dependable, light and with excellent screens and battery life (some up to 20+ hours with an extended battery - and this is genuinely achievable). Also on display was the lineup of storage solutions, for which Fujitsu are particularly strong. Their storage we also use here at Onega with our DX90S2 SAN, which has had zero unplanned downtime since installation and is boringly dependable (in a good way - some things in life you want to be boring and dependable so that you can sleep easy and worry about other things instead).

Stepping outside my comfort zone (I'm neither photogenic or telegenic), I also had the pleasure of an interview with George Barker from Cloud-Channel.TV  which was actually fun and I look forward to (read: 'am dreading!') seeing the results.  I was asked about my take on current and future trends and shared thoughts on some of the disruption we see coming.

After this, we attended a world first at the event which was the Global Launch of Fujitsu's'Beluga' storage system. Answering the needs of 'big data users' this a storage array system that can scale massively to 18 PBytes+ of data in a single array, with a massive IOPS capability to go with this. This allows for massive data sets to be stored and crunched through in a large scale system with greater coherence than you'd get in a (lower cost) distributed data system. We understand that the code name of Beluga was adopted as it is big but agile. The Caviar of the Beluga is also the most sought after, and the digital equivalent is the meaningful insight that large data can give, which can give a company significant competitive advantage.  The launch event was motor sport themed and included a racing driver on standby to demonstrate the speed of the system to get everyone 'revved up'.  After the formal launch I spoke with Mr Reichart about the systems and some of the business results that clients are finding that large data analysis is delivering.

The launch of the Beluga storage system complete with the 'Fujitsu Stig' racing driver and F1 engine sound effects to get us all 'revved up'.

The launch of the Beluga storage system complete with the 'Fujitsu Stig' racing driver and F1 engine sound effects to get us all 'revved up'.

The final session of the day was a plenary session with a talk and thoughts from Futurologist Rohit Talwar, author of 'First to the Future' and a Panel Session that included Dr Reger, who shared with us his serious concern that IOT may be 'The Last Chance For Europe to Lead in Technology'. Michael Ibbitson, Gatwick Airport CIO spoke on Open Data and integration between services and there was some joint thought of the Circular Economy (a return to the past). A few interesting things we noted were the '30 Storey Hotel Built in 360 hours' (15 days) - by Dongting Lake in China and New York based Quirky Consumer Products, who help inventors get their ideas into production with the power of the crowd. Good examples of innovation and agility in business in the current day.

In closing, people were thanked, and awards given. I was surprised and happy to find that I'd won the Fujitsu Challenge competition by completing the challenges first (partly I was late entering my pictures due to the TV interview). I met a fellow competitor at the last of the challenges who worked at Bletchley Park so it must have been a close run race. Many Thanks to Fujitsu for the Virgin Experience Voucher which I was grateful to accept on behalf of the team at Onega and which will be very much enjoyed.

A very worthwhile day in all and very good to catch up with people at Fujitsu in person, with many that we normally might mainly talk to electronically or by phone. Onega are happy to partner with Fujitsu, and value the strong relationship.  

, ,

What To Do If You Lose Your Laptop Computer - Onega Style

, ,

One of our clients recently had the misfortune to become separated from and lose his laptop computer while on a business trip to Sweden. This is the story of what happened and how we were able to help later reunite him with his laptop.

Anyone who travels on business will be aware that current rules and procedures for airport security require that, if you are travelling with a laptop computer in your hand luggage, then you must take it out of the bag and run it separately through the x-ray machine at the security station.

On this occasion Onega's client, Tim (who was happy for us to share this story), was on his way back to the UK from a business trip to Sweden and running close for time to get on the plane. After having gone through the bag check and x-ray station, in the rush to get on the plane, he was distracted and forgot to pick up the laptop after it had gone through the scan.

It was only the morning after returning home from the evening flight back that he realised the computer was missing and what had happened. Airport lost property was contacted with a description and identification details of the laptop, but unfortunately nothing had been handed into lost property. A report was left of the loss of the computer with the airport authorities and for our client's insurance purposes. From a practical perspective Onega then proceeded to procure a replacement laptop for our client the same day and configure for email, restore the files from most recent backup and generally get our client back to operation quickly and efficiently.

Normally this would be the end of the tale and you'd kick yourself for forgetting the laptop (though it's easily done and we're all human), but in this case the tale then continued a few days later...

Onega like to pro-actively manage our client's systems, and we have some software and systems that help us make sure that machines are in good health, up to date with security patches and generally happy. While monitoring the management system, we noticed that the lost laptop had done an electronic check-in, so must be alive somewhere, just not with our client. So we knew the machine was being used and now had a clue as to where it was.

Following the clues here our management system logs showed us the Internet IP address that the computer had registered on, and we could in turn find out which Swedish ISP ran this particular network.

Next step was to get in contact with the Swedish Airport Police. We must say that they were incredibly helpful. We filled them in on what we'd found and they were able to contact the ISP to find the subscriber details related to the IP address where the laptop had checked in from.

The next day, armed with this information and after we confirmed that the computer was still online from the same address, the police visited the house. Unfortunately there was no one in; so they broke the door down and entered the property, recovered the laptop, and left a note on the door asking the householder to get in touch.

The person who had the laptop claimed to have bought it from someone in a park, so was let go with a warning, a note on record, minus the laptop of course and with the task of replacing their front door.

The evidence here was later used to support (alongside other evidence) a successful prosecution of a member of the airport security scanning station staff; who it turned out had a sideline in taking and selling items that were left behind on the scan station when they really should have been handed into the airport lost property office.

Our client picked his laptop up a few weeks later when he returned again through the airport on business, and the laptop has now become a 'good spare' which is always a useful thing to have.

So a good result all round (unless you were the unwitting buyer of the laptop or the light fingered security officer of course!). Here at Onega we rather enjoyed working with the Swedish Airport Police as well as the happy outcome for our client in getting his computer back.

We can't promise that we'll be able to reunite every owner with their lost laptop, but we do promise to do our best for our clients to continue to provide excellence in IT support delivery that 'goes one step beyond' as Onega's normal standard.

, ,

The Big Difference a New Firewall Can Make

, ,

We have just returned from London's West End having finished swapping out a client's older firewall for a 'latest and greatest' Watchguard Firebox M200

This all went very smoothly with only a few minutes downtime while the old firewall was taken out of the rack and the new one mounted and connected. We timed this at 3 minutes and 21 seconds which is not bad considering the new firewall needed to boot as well once plugged in. Normally we aim for about 6 seconds disruption if we can mount the new firewall alongside the old unit in the rack ready for switchover (which was not possible in this case). Given that the old firewall (a venerable Watchguard X750e) had served since 2008 or 2009, it had very much done its time. Despite the office being a nice clean, light and airy environment, the amount of dust that had accumulated in the legacy firewall reminded us of the pictures you are shown at school of the inside of a smoker's lungs.  

The old firewall was still working though so why did we recommend swapping it out and why is our client glad that we did? 

Technology has come along a fair bit in the 6 years between 2008 and 2015 and as ever, machines get quicker and more capable. The most important things in our eyes (and from long experience in support) that made this worthwhile were: 

1) UTM services at full speed. UTM stands for 'Unified Threat Management' and basically means one box doing many jobs. It used to be that you had one box for web filtering, another for gateway antivirus, another again for anti-spam, one for your SSL VPN (if you had one) and of course one for your router and one for your firewall. With the current generation of hardware, and leveraging 'The Cloud' one box can do it all. This saves cost, space, power, money etc. and makes everything easy to manage from one place.

The difference between the current mainstream firewalls in the wild and the very latest is that with the Watchguard M200, M300 and its cousins higher up the line, the UTM functionality all works close to wire speed for the rated number of users supported by the device. This contrasts with the previous status quo whereby you would accept that when you turn on a new feature, you implicitly trade off some response time. Thus you had to find the right balance of how secure the firewall (and hence your network) was set to be and how this would deliver on user expectations as to web page load times etc. We like turning the whole UTM suite on as, when configured correctly, it will more than pay for the cost of the firewall over time. It does this by helping reduce instances of (for example) staff accidentally loading malware onto their PCs as every page is virus scanned, checked against a good reputation database and regularly updated blacklists, to ensure that the risk of loading something bad onto your machine is minimised. This saves staff time from lost productivity while their machine is down, saves time and cost in IT support for the company, and reduces risk of data loss through a Trojan getting into the system. If it all works as it should (it does) then IT gets to sleep easier over systems and the only problem you are then faced with is that as it works so well, management might question if a firewall is needed as 'we don't have any network security problems'. The answer to this is of course that it is partly thanks to the firewall that this is the case (and of course your efficient patch schedule, up to date endpoint antivirus, secure DNS and careful network privilege management etc.).

2) SSL-VPN - This is not a new feature to Watchguard, but it is one that was not available on the older firewall that was in place at our client site, and something that many may have available on their firewalls but not be currently using. While the world is moving to the cloud, and the latest Watchguard firewalls are very 'Cloud Connected', there are still plenty of times when you need to connect from a laptop or home office PC back to your office network. One of the very best ways to do this is with an SSL VPN (as opposed to an IPSEC or PPTP VPN) - if these TLA's (Three Letter Acronyms! - and yes there are 4 or 5 here) are confusing then suffice to say that PPTP is generally regarded as weak and obsolete, IPSEC can be secure but also complex, cumbersome and liable to blocking, but SSL VPN connections will allow you to connect to your office anywhere you can get a secure web page from (i.e. hotels, airports, anywhere really). Now you can have a reliable and robust VPN that works from nearly anywhere with minimal hassle.  The M200 makes this easy and with a few clicks it is configured, and the corresponding client software setup is a Click Next Click install. Bottom line is less frustration as a business user when travelling, in terms of getting online from wherever work takes you.

We only had two points here, but actually have covered many areas. When you invest in IT, you need to consider not only cost but benefit, ROI, TCO etc. which pale the dollar cost of the machines into insignificance over time.

To sum it up, we like the new M200 series fireboxes as they really do let you have your firewall UTM cake and eat it. 

Samsung Release Fix for Popular 840 EVO SSD Drive Performance Problems (again)

Samsung have released a new firmware update for their popular 840 EVO Solid State Drives. This fixes a problem that emerged on this series of drives which turned out to have an issue where performance (read and write speed) dropped off a cliff over time. This would turn a computer into one that initially was very quick, to one that becomes frustrating to use.

There was a fix for this problem released previously with a performance restore tool, but this appears to have been a temporary fix and the problem would later re-occur. So now in May 2015 Samsung have released a new firmware release for the 840 EVO SSD range, which promises to mitigate what is essentially a design fault in the drives for good.

We would thus strongly recommend that all clients with these popular drives in their computers apply the update via the Samsung Magician tool which is a free download from: http://www.samsung.com/global/business/semiconductor/minisite/SSD/global/html/support/downloads.html

For clients under managed service agreements (Proactive IT support contracts), where we can see from the IT audit tools that Onega use that you have these drives installed, we'll be in contact shortly to schedule these updates when convenient for you. For clients on PAYG support, we'll also be in contact to ask if you'd like us to do this for you or to recommend you do this yourself (it is quite straightforward if you are competent).

Once the new firmware is on, there is a tool in the Magician Software that does a full refresh of the drive data. This is non-destructive but not to be interrupted while it runs, which can take some hours, so best started off of an evening. This will restore or maintain the data on the drive and make your computers run like new again. As the performance drop is gradual, you often don't notice the performance drop occurring, so a pleasant speed surprise when this is run.

By way of background, if you like to understand how things work, as we do; here are the technical details of what is occurring behind the scenes. The Samsung 840 drives use 19nm flash cells, which store the individual memory bits in vast quantities in these SSDs. They have a 'feature' whereby the charge in the cells decays over time so that they can take a number of read request cycles to read the data. When the amount of data to read is multiplied by the vast number of memory cells in the drive, then performance drops to about the speed (or worse) of a traditional magnetic hard drive. The data affected thus are files not regularly written. Most of your operating system, programs after install and data files will fall into this category as the amount of data on a drive that is changed every day is actually typically very small.  The fix essentially causes the drive to periodically move data on the drive behind the scenes to refresh this and keep the performance up thus. This will come at the expense of drive life to a limited extent, though realistically a computer will likely be replaced before end of drive life anyway as in a few years time we'll likely have 10TB SSDs where we currently have common capacities of 250Gb, 500Gb or 1TB.

Onega's policy on SSDs is to generally install Intel drives as first choice as these have excellent performance and reliability. Samsung next as they are just behind and coming in at slightly lower price points and thus, if we can, avoid any other brand of SSDs (or fit as an exception). Importantly Intel and Samsung both make their own silicon so have best control over quality in manufacturing. We've found that some drives can fail in case of power interruption and that others that purport to offer double the capacity of any other drive for the money are cheap for a reason and thus represent a false economy in a business environment where you need performance and reliability from a drive.

The current generation of drives like the Samsung 840 EVOs have a typical life expectancy of around five years under reasonably heavy load which exceeds the expected life of an office PC. The very latest Intel SSDs like the new Intel 750 series drives have an MTBF (Mean Time Before Failure) of 1.2 million hours, which works out to be 136 years which is pretty awesome and shows the unrelenting march of technology. By a back of envelope calculation you'd be running Windows 58 by then!

35% of Microsoft Exchange Server Deployments now in the Office 365 Cloud

Everyone knows that 'The Cloud' is the trend of the moment (as we write in 2015), and quite a journey it has been.

A couple of years ago, Onega did not recommend that clients used Office 365 as at the time it did not do everything you needed to do, that you could (and did) regularly on a server based office system. However, since 2013, Microsoft have continued to improve their cloud offerings to the point that it is now on a par with on-premises IT, and in some cases is overtaking this to go beyond. For example now, if you want to use MS Office on your iPhone or iPad, the only way is in conjunction with an Office 365 subscription. Windows 10 and Office 2015 will only be more integrated with the cloud and the lure will most likely be compelling for everyone not yet on the cloud at that point.

One of the benefits of the cloud is that it facilitates rapid iteration. i.e. instead of the traditional software model where you release software, install it on client systems, maintain it and then upgrade with Service Packs, roughly annually, and then upgrade to a new release two or three years down the track; now upgrades happen behind the scenes on a central service, are instantly available to clients without local IT having to do anything and are largely transparently to users. Office 365 has now had more than 25 iterations and a few more will likely be through before the end of the year.

The other big change in the last couple of years is that fibre broadband is now (nearly) pervasive, and fast wireless services are available elsewhere which typically give up to 50Mbps speeds for £3X a month on a business grade connection.  For established companies, the SuperConnected Cities Project (see http://www.onega.net/blog/superconnectedbroadbandvouchers) allows for free install of 'real' fibre Internet for very high speeds and SLA's. Thus you can now both have your cloud cake and eat it.

So back to the headline of the article here. Building momentum and phenomenal growth in Cloud and adoption of MS Office 365 (mainly because the case is compelling all round) means that we are now at the point where a grand total of 35% of all MS Exchange's installed user base is now on Office 365 and Exchange Online (the email only version of Office 365).

That's quite a statistic and we'd not be surprised if this was over 50% within 12 months, if not more. In fact we'd be surprised if this was less by that time.

So here, the market speaks volumes and if you've not yet got a cloud strategy then please do sign up for a free trial via Onega and feel free to get in touch to run through your particular setup and how we can help you get the most out of the Cloud for your business. http://www.onega.net/contact

 

Onega Rated Strong in report of the UK's Largest 1000 IT Consultants

Onega is happy to say that we've been rated as 'Strong' in the latest Plimsoll Analysis, which covers the IT Services and Consulting sector and rates each company in one of five different categories; Onega is up at the highest step on the scale. Having been established since 1998, Onega have been growing slowly and steadily over time. Onega have no debt as a company and enjoy positive cashflow (mainly thanks to Heather and Nicola in Accounts who keep us on the straight and narrow with invoicing, admin and finance etc.)

You can see the headlines of the analysis at http://www.plimsoll.co.uk/marketreports.aspx?market=it_consultants - this shows that in the sector nearly a quarter of our competitors are making a loss or are categorised as being in Danger.

We're planning on being around for the long run.

, ,

The Importance of Using Secure DNS Servers

, ,

All good IT administrators know that maintaining a secure, productive and supportable computing environment means considering (and implementing) security at many levels. There is a whole load more to it than just installing a virus scanner on all your computers (though deploying a good antivirus and anti-malware solution is of course one element in this). Ideally you'll have Endpoint protection for AV and Malware on all desktops, laptops and servers (Onega tend to recommend and use Kaspersky, AVG and MalwareBytes depending on use case), but also a secure firewall (e.g. a good Watchguard XTM or similar unit) and external cloud based email filtering to reduce the risk of anything untoward getting into your network in the first place.

One thing we are also now recommending (aside from reminding people about limiting use of full admin rights to a PC - see http://www.onega.net/blog/2015/6/4/are-you-logged-in-with-admin-level-credentials-on-your-computer-right-now ) is to set your external DNS servers to be secure servers.

In QA format - here you are:

Q. What is the difference between Secure and Non-Secure DNS Servers?
A. In this context, the answer is that a standard or non-secure DNS server does a good job of DNS resolution and turning your request for http://www.randomwebsite.com/ into the IP address (143.95.83.184 in IPV4 Land as I type) that hosts the site for your web browser to connect to or your email to be delivered to etc.  The resolution process is simple, fast and robotic and the DNS server will cache entries for fast response or look them up for you recursively from first principles and the Root DNS Servers. When the server has the result then it gives it to you.  A secure DNS Server adds an extra level of security to this process. It will lookup websites and Internet addresses, but before giving you the result, it will check that the IP address is of known good or known bad reputation (or check it with a virus scanner first); such that if the site is deemed clean then your computer is given the IP address in the blink of an eye. If the site is one that you'd probably be glad not to be visiting, then the DNS server will redirect you to a harmless web page which will let you know why you are there.

Q. Put simply, what is the benefit of secure DNS?
A. It helps reduce this risk of accidentally browsing to an undesirable website that might otherwise have tried to install malware or other junk on your computer. Thus you are very likely to save hard money through reduced downtime and lost productivity and also less time to fix (and cost of fix) on a machine otherwise.

Q. Which Secure DNS Servers to we recommend?
A. The two main contenders at the moment for secure DNS are:

Comodo Secure DNS: 8.26.56.26 and 8.20.247.20
(See https://www.comodo.com/secure-dns/index.html )

OpenDNS: 208.67.222.222 and 208.67.220.220 (others are available on premium packages - these are free for public use)
(See https://www.opendns.com/ )

Q. How to we implement Secure DNS?
A. Make note of the DNS server addresses above, and either set these individually on a PC / laptop (if not in an office environment) or else set these servers as the DNS Forwarding servers on a Linux / Windows / Mac Server DNS server in an office environment. DHCP should give out DNS servers that relate to these (or actually give the addresses out if you don't have an Active Directory environment).
.. or just ask Onega of course and we can help configure these for you quickly.

Q. Is there a Cost?
A. If you are a business then it is of benefit to subscribe to one of the premium services which has a modest charge but this is of relatively trivial level and soon, anecdotally, pays for itself. The premium services also give you the confidence of an SLA as well as extra features. On the setup / installation / configuration of secure DNS in your environment, Onega would do this for you, either free if you are under a proactive maintenance agreement with us, or based on our standard PAYG time charges (it would normally take no more than an hour on the average client network servers and firewalls, unless you have a really big system).

Q. What about Google's DNS - is that Service Secure? (8.8.8.8 and 8.8.4.4)
A. No, not in the sense being discussed here. Google being Google, that is likely to change over time.