Using XenDesktop with ESX

0 | February 9th, 2010 | Posted in Citrix

Most people know by now that XenDesktop supports three virtualization platforms with VMware ESX being one of them.  However, there are at least four different editions for ESX.  Even if you have decided to use ESX for all or part of the XenDesktop deployment, which edition do you really need?  Can you stick with 3.5, or should you use 4.0?  As part of the CSC Dynamic Desktop offering, we have researched what virtualization features are useful in a XenDesktop deployment and here are the results.   

Before I continue further, I want emphasis that I am focusing on which version and edition is needed to host the XenDesktop virtual desktop VMs.  The XenDesktop server infrastructure components such as the DDC, XenApp and Web Interface should follow the same policy as your other server VMs.  Since server and desktop VM requirements differ quite a bit, it can make sense to use one virtualization platform for servers and a different one for desktops.

Since your virtual desktop VMs have different requirements, what ESX features are beneficial in a XenDesktop environment?  The following is a list of those features with a brief description of their functionality and what ESX edition is required.   Except where listed, each feature is available in both ESX 3.5 and 4.0.

Feature ESX Edition
PXE / Boot ISO Support - The Provisioning Services component in XenDesktop communicates with the virtual desktop VMs during boot via PXE or a boot ISO. Standard
XP & Windows 7 Support - Support for running Windows XP and Windows 7 VMs. Standard
Memory Ballooning - This allows for free memory in each virtual desktop VM to be used in other VMs and the ESX host using a balloon driver run in the VM.   This feature is useful in cases where extra capacity is needed such as when another ESX host fails. Standard
Transparent Page Sharing - This is another memory saving feature that identifies duplicate memory pages across VMs on the host and only stores a single copy.  This consumes extra CPU cycles to identify the duplicate pages but this is adjustable.  Depending on your needs you may not want to use this feature. Standard
vStorage Thin Provisioning - With thin provisioning you only need storage for what data is being used rather than the actual formatted capacity.  This works well for the PVS write back cache when the storage device does not support thin provisioning. Standard    
(4.0 only) 
High Availability - This feature is useful in an assigned XenDesktop environment where each user is assigned their own virtual desktop VM.  If the ESX host running their virtual desktop goes down, their desktop would be restarted on another host. Standard
vMotion - This features allows an administrator to manually move a running VM from one ESX host to another host which usually has less load.  This requires that the hard disks for each VM are located on shared storage. Advanced
Dynamic Resource Scheduler (DRS) - DRS dynamically allocates and balances the virtual desktop VMs across a resource pool.   This feature basically automates the vMotion feature listed above. Enterprise

In summary most of the features are available in ESX Standard which retails for around $1590 for a dual-socket server.  Paying an extra $2900 gives an administrator the ability to manually rebalance VMs across the ESX hosts via vMotion and an extra $4160 (compared to standard) provides automatic load balancing of VMs.  Taking a ballpark conservative estimate of 50 users for the latest dual-socket server the cost per user is about $32 retail per user for ESX standard, $90 for ESX Advanced and $115 for ESX Enterprise. 

The next logical question is if it is worth an extra $83 per user to be able to dynamically load balancing running virtual desktop VMs across ESX hosts?  In some cases it will be, but for most cases if you need to use ESX in a XenDesktop deployment, ESX Standard is the better choice.   The additional thin provisioning functionality in 4.0 does not usually justify an upgrade from 3.5 especially if this functionality is supported in your storage device.

If you are using XD with ESX, what version and edition are you using?  Are there any other features that you find useful for managing your virtual desktop VMs?  Feel free to leave a comment or you can contact me via email.  

Sunil Kumar
Principal Architect, Desktop Virtualization
CSC Consulting
Tagged in:

Windows on iPad

0 | February 8th, 2010 | Posted in Citrix

Or any Application for that matter.

Chris Fleck gave fair warning. I'm here to tell you that it works and its here, now. The computing model just got turned on it's ear.

Why would you want this? Because it increases your mobility without having to reboot your laptop everytime you want to use it, it saves time and money, and it delivers any Windows platform or application to your iPhone, iPod or iPad.

What was previously just a future scenario is now a reality.

Citrix runs Windows and Windows Applications from a central server, called XenDesktop, and pipes it out to your mobile device through the NetScaler AGEE. This is perfect for the iPad which has a screen size of 1024x768. Now the touch, squeeze and pinch is available for all of your Enterprise applications, making them usable on an iPad.

The small form factor of the iPhone was a little hindering for Enterprise applications. Now, with the iPad and Citrix Receiver, Enterprise Apps are usable. Although, while putting together this POC the Product Manager sent me an eMail from Microsoft Office 2010 running on a Windows 7 Desktop ... from his iPhone. This confirms that form factors and the computing model is about to be rocked.

The magic is in the way that Citrix hosts the Windows desktops and delivers them to the mobile device. The advantage is all of the computing power of multi-core processors and large memory can still be utilized by Windows, while all of your touching and pinching power is localized at your mobile device.

All of the communication is done over secure tunnels, so all of the information is secure.

For this Proof of Concept, We started with XenServer, installed XenApp and XenDesktop, built a NetScaler to Front-end and secure the infrastructure, and fired up our iPhones and iPads. Its fast, easy and cool. We used the Citrix Web Interface for authentication to keep it simple. You can also use LDAP or any other type of authentication method.

Guides

You can have this setup, by following the guides we wrote up as a result of this testing.

Download the Deployment Guide - ICA Proxy for XenApp & XenDesktop for Citrix Receiver for iPhone, iPod and iPad.

Download the Deployment Guide - ICA Proxy for iPhone, using LDAP authentication.

Delivery Center has arrived.

Products

XenServer is free

Get XenDesktop here.

Download NetScaler VPX here

Citrix Receiver is available for Free on the App Store

Get an iPhone, iPod or iPad from Apple.

Watch it live



Tap into the power of AppExpert!

Tagged in:

IbarraReal font download for Windows Users

0 | February 7th, 2010 | Posted in Bink

IbarraReal is a public-domain font of Ibero-American character, created in 2005 as a revival of the types cast by Jerónimo Gil for the Royal Spanish Academy's edition of Don Quixote, printed in Madrid by Joaquín Ibarra in 1780. Its elegant design mixes tradition and modernity and is a genuine badge of Spanish culture.

 

Download details IbarraReal font download

Send via e-mail | Submit to Digg | Add to Live Favorites


Tagged in:

XenServer beats competitive hypervisors in VMs per core

0 | February 6th, 2010 | Posted in Citrix

Alessandro Perilli noted our recent change to the number of supported virtual machines per core for Intel Nehalem (Xeon 5500 series) CPUs. In case you're wondering, we support up to 16 VMs per core on XenServer today, for XenDesktop workloads.

The new support level is based on exhaustive testing with the Project VRC 2.0 workload for virtual desktops. Bernie Hannon, who has conducted our experiments, has discovered some interesting comparative results for XenServer versus other hypervisors too. You can read about his testing here.

Suffice it to say that XenServer 5.5 is the hands-down leader in performance for hosted virtual desktops. This remains true even in the presence of memory overbooking and common code page sharing, neither of which helps to increase the maximum number of useable VMs per server. Because comparative results require careful testing and even permission from other vendors before they can be published, we have simply elected to raise our own support levels, and to note that our competitor has not yet managed to do the same.

If you are interested in this topic, you should plan to come to Citrix Synergy in San Francisco, in May, where we plan to demonstrate the scalability of Citrix XenDesktop 4, and show what's coming on the technology roadmap as we drive towards being able to scalably and affordably deliver tens of thousands of virtual desktops.

Tagged in:

How Big Can My XenDesktop Farm Be?

0 | February 6th, 2010 | Posted in Citrix


Ok, tell me if you've heard this one before? How big can my XenDesktop farm be? The response is "It depends. . . Blah, blah, blah"

I've had many people ask me this exact question. I don't like saying "it depends", but it really does.  But how can anyone design their XenDesktop environment with an "It Depends" answer?  Well, the answer to that is It Depends Enough joking around. Let's take a look at XenDesktop and understand what goes into approximating the size of the farm.

The one component that will have the greatest impact on the size of a XenDesktop farm is the XenDesktop controller. The Controller is used to:

  1. Maintain proper level of idle desktops (in hosted VM-based model)
  2. Monitor the state of virtual desktops (idle, online, offline, in use, etc) for hosted VM-based VDI and hosted Blade PCs.
  3. Authenticate users
  4. Enumerate virtual desktops for the user
  5. Connect a user to their appropriate virtual desktop

Now that we know the determining factor is the controller, one would think that it would be easy to figure out the max size of the farm.  One thing we need to completely understand is that there is no number at which point the XenDesktop farm will simply stop functioning.  There is no defined limit.  The limit is defined based on the environment like:

  1. XenDesktop Controller Architecture: Is the XenDesktop Controller implemented as a single server or are the functions split across multiple controllers?
  2. Logon storm: How fast and long will users logon during the start of a shift or a workday. I discussed this in a previous blog.
  3. Logon Latency Acceptance: How long will a user accept their long time being?  10 seconds? 20 seconds? 60 seconds?

Controller Architecture

Looking at different implementation examples, I know that one will get the best logon speeds and farm sizes by separating out functionality within the controller.  For the large XenDesktop implementations, we recommend 3 controllers:

  1. Master: Responsible for idle desktops and connecting users to a desktop
  2. Brokers (x2): responsible for authentication, enumeration and virtual desktop state monitoring

By separating out theses loads, I've seen farms scale over 5000 hosted VM-Based desktops. Read about this architecture in the Modular Reference Architecture for XenDesktop.

Logon Storm

Like I stated earlier, the logon storm will have an impact on the environment.  During a storm, users will authenticate, enumerate, and connect to their desktop. For each connection that is made, a new idle desktop must take the place of previously idle desktop.  As you can see, by separating the XenDesktop Controller functionality across multiple systems, the logon storm's impact is spread across multiple systems, thus helping to negate the impact. The impact of the storm is explained in the blog How User Patterns Impact a Desktop Virtualization Infrastructure

Logon Latency

How long are you willing to wait for a logon to complete?  As the number of users connecting during a logon storm increases, the logon latency will also slowly increase. At some point, the logon latency will become too great for users to accept.  At that time, it is often appropriate to start distributing your load across multiple XenDesktop farms.

OK, OK, Just give me the answer!!!

So how big can my XenDesktop farm be?  2,000-20,000 users. 

  1. Smaller: If I don't separate out my controller functionality, and have thousands of users connecting within a short duration, and expect sub-10 second logon times, my farm size will be limited in size
  2. Larger: If I separate out my controller functionality, have tens of thousands of users connecting over 1 hour,  and my users will accept 20-40 second logon times

When you are asked about how large can your XenDesktop farm be, you need to ask a few questions before you can give an educated guess:

  1. Will we be able to separate out our controller functionality?
  2. How many users do you expect to login within a 10 minute period?
  3. How long will users accept their logon times becoming?

I've seen logon rates of 2,000 users in 10 minutes, with separated controller functionality and 20-30 second logon times occurring in XenDesktop farms of 5,000-6,000 users. 

I hope this helps shed some light on how big is too big for your virtual desktop infrastructure.

Daniel

Lead Architect - Worldwide Consulting Solutions
Follow Me on twitter: @djfeller
Blog for Next-Gen Desktop: Ask The Architect
Questions, then email Ask The Architect
Facebook Friends: Ask The Architect

Tagged in:

The iPad As The Door Opener for Bring Your Own Computer BYOC

0 | February 6th, 2010 | Posted in Citrix

Beyond the hype the of the iPad by Apple lovers and the nay sayers who say "who needs it " the iPad is likely to impact company IT practice more than anticipated. For many CIO's and IT Directors there is a growing interest in minimizing the expense and support of endpoint devices. Many companies have taken the fist step to allow access to company apps from unmanaged home PC's utilizing Application and/or Desktop Virtualization, however very few have taken the leap to allow employees to really bring there own computer to work "BYOC".

The reasons for the hesitancy typically revolve around security, compliance, local data and risk to internal networks. These concerns have been reason enough for most companies to not to move beyond where they are today. The policy is either a company provided PC/Laptop only, or the next level of enablement allowing controlled access from outside the company network.

What frequently changes IT's priority to move from the status quo is a management decree or revenue generating employees. Enter the iPad. Regardless of current IT policy the iPad is going to be purchased by Executives, Sale Managers, Physicians, Traders and other money makers. In increasing numbers these employes are going to bring the devices to work and ask IT to support them. Although the first reaction may be no way, the current obstacles of BYOC don't necessarily apply. If IT allows access from a Receiver equipped iPad with a XenApp/XenDesktop backend the following issues and concerns easily can be managed.

Exposure to Internal Networks - The iPad has no Ethernet port to plug into office RJ45 jacks exposing the internal network. Many companies already provide an isolated guest WiFi network that only allows a secure remote SSL/VPN connection. Alternatively no WiFi access could be enforced and only allow controlled access from the independent 3G carrier network completely isolating the device from the company network.

Company Data on Employee Devices - With Citrix Receiver for iPad no data is stored or runs on the device. Email can be limited to company hosted XenApp sessions of Outlook or Notes and disallow the local native email.

Mixing Personal and Business Data - IT does not want to deal with iTunes, personal music and photos, licensing issues etc. With an employee owned device all these issues are the responsibility of the employee and IT can define a "virtual" wall between IT delivered Desktops and apps that never mix with the employees device.

Replacement Issues - Most BYOC iPads will be secondary devices that won't kill the employee's productivity if its out of commission, they can just go back to their primary PC. For some users like Physicians who may depend on an iPad, keeping loaners on-hand can be easy, and set up / configuration can be done in minutes.

Support of Non Company Devices - Aside from replacement issues IT would prefer not to be in possession of employee devices for set-up causing logistical and asset control issues. With Citrix Receiver IT can simply send an email or have an Intranet site that employees only need to click a link to configure the iPad for company apps and desktops.

IT Security Policies - Most companies have specific policies in place for allowing controlled secure remote access. This may include 2 Factor Authentication, 128 SSL Encryption, and password protection enforcement. A Receiver enabled iPad can support all of these requirements.

So for the many companies who are thinking BYOC is an interesting concept but " not for us " , it could be worthwhile to consider the Citrix Receiver enabled iPad as a safe way to allow employees to Bring Their Own Computer.

Have you been asked to support the iPad already ? Do you think the iPad is a door opener to BYOC?

Tagged in:

Windows Azure may host virtual machines starting March

0 | February 5th, 2010 | Posted in Bink

At the beginning of January Microsoft launched its Platform-as-a-Service (PaaS) cloud computing offering: Windows Azure.
Despite the company’s Chief Architect Ray Ozzie said that Azure will be able to compete with Amazon EC2 and similar Infrastructure-as-a-Service (IaaS) clouds, this component is not yet accessible, or at least we couldn’t find it, and Microsoft didn’t even officially confirm it exists.

A couple of months ago virtualization.info suggested that the IaaS component of Azure may appear in March, because Microsoft is going to release a cloud toolkit that month
It seems that Azure will indeed start hosting virtual machines in March 2010 according to TechTarget:

…Microsoft has announced plans to add support for Remote Desktops and virtual machines (VMs) to Windows Azure, and the company also says that prices for Azure, now a baseline $0.12 per hour, will be subject to change every so often.

Prashant Ketkar, marketing director for Azure, said that the service would be adding Remote Desktop capabilities as soon as possible, as well as the ability to load and run virtual machine images directly on the platform. Ketkar did not give a date for the new features, but said they were the two most requested items…

Continue: Windows Azure may host virtual machines starting March  virtualization.info

Send via e-mail | Submit to Digg | Add to Live Favorites


Tagged in:

Microsoft Small Basic 0.8

0 | February 5th, 2010 | Posted in Bink

Microsoft Small Basic is a project that is aimed at making computer programming accessible to beginners. The project comprises a simple programming language that gathers inspiration from the original BASIC programming language; a modern and attractive programming environment; and rich, extensible libraries. Together they make programming fun for kids and adults alike.

 

Download details Small Basic

Send via e-mail | Submit to Digg | Add to Live Favorites


Tagged in:

13 security bulletins next Tuesday!

0 | February 5th, 2010 | Posted in Bink

Bulletin 1

- Affected Software:

- Microsoft Windows 2000 Service Pack 4

- Windows XP Service Pack 2 and Windows XP Service Pack 3

- Windows XP Professional x64 Edition Service Pack 2

- Windows Server 2003 Service Pack 2

- Windows Server 2003 x64 Edition Service Pack 2

- Windows Server 2003 with SP2 for Itanium-based Systems

- Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2

- Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2

- Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2

- Windows 7 for 32-bit Systems

- Windows 7 for x64-based Systems

- Windows Server 2008 R2 for x64-based Systems(Windows Server 2008 R2 Server Core installation affected)

- Windows Server 2008 R2 for Itanium-based Systems

- Impact: Remote Code Execution

Bulletin 2

- Affected Software:

- Microsoft Windows 2000 Service Pack 4

- Windows XP Service Pack 2 and Windows XP Service Pack 3

- Windows XP Professional x64 Edition Service Pack 2

- Windows Server 2003 Service Pack 2

- Windows Server 2003 x64 Edition Service Pack 2

- Windows Server 2003 with SP2 for Itanium-based Systems

- Impact: Remote Code Execution

Bulletin 3

- Affected Software:

- Microsoft Windows 2000 Service Pack 4

- Windows XP Service Pack 2 and Windows XP Service Pack 3

- Windows XP Professional x64 Edition Service Pack 2

- Windows Server 2003 Service Pack 2

- Windows Server 2003 x64 Edition Service Pack 2

- Windows Server 2003 with SP2 for Itanium-based Systems

- Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2

- Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2

- Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)

- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)

- Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2

- Windows 7 for 32-bit Systems

- Windows 7 for x64-based Systems

- Windows Server 2008 R2 for x64-based Systems (Windows Server 2008 R2 Server Core installation not affected)

- Windows Server 2008 R2 for Itanium-based Systems

- Impact: Remote Code Execution

Bulletin 4

- Affected Software:

- Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2

- Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2

- Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2

- Impact: Remote Code Execution

 

Bulletin 6

- Affected Software:

- Microsoft Windows 2000 Service Pack 4 - Windows XP Service Pack 2 and Windows XP Service Pack 3

- Windows XP Professional x64 Edition Service Pack 2

- Windows Server 2003 Service Pack 2

- Windows Server 2003 x64 Edition Service Pack 2

- Windows Server 2003 with SP2 for Itanium-based Systems

- Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2

- Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2

- Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)

- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation not affected)

- Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2

- Windows 7 for 32-bit Systems

- Windows 7 for x64-based Systems

- Windows Server 2008 R2 for x64-based Systems (Windows Server 2008 R2 Server Core installation not affected)

- Windows Server 2008 R2 for Itanium-based Systems

- Impact: Remote Code Execution

Important Security Bulletins:

Bulletin 7

- Affected Software:

- Microsoft Office XP Service Pack 3

- Microsoft Office 2004 for Mac

- Impact: Remote Code Execution

Bulletin 8

- Affected Software:

- Microsoft Office PowerPoint 2002 Service Pack 3

- Microsoft Office PowerPoint 2003 Service Pack 3

- Microsoft Office 2004 for Mac

- Impact: Remote Code Execution

Bulletin 9

- Affected Software:

- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)

- Windows Server 2008 R2 for x64-based Systems (Windows Server 2008 R2 Server Core installation affected)

- Impact: Denial of Service

Bulletin 10

- Affected Software:

- Microsoft Windows 2000 Service Pack 4

- Windows XP Service Pack 2 and Windows XP Service Pack 3

- Windows XP Professional x64 Edition Service Pack 2

- Windows Server 2003 Service Pack 2

- Windows Server 2003 x64 Edition Service Pack 2

- Windows Server 2003 with SP2 for Itanium-based Systems

- Impact: Elevation of Privilege

Bulletin 5

- Affected Software:

- Microsoft Windows 2000 Service Pack 4

- Windows XP Service Pack 2 and Windows XP Service Pack 3

- Windows XP Professional x64 Edition Service Pack 2

- Windows Server 2003 Service Pack 2

- Windows Server 2003 x64 Edition Service Pack 2

- Windows Server 2003 with SP2 for Itanium-based Systems

- Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2

- Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2

- Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2

- Windows 7 for 32-bit Systems

- Windows 7 for x64-based Systems

- Windows Server 2008 R2 for x64-based Systems (Windows Server 2008 R2 Server Core installation affected)

- Windows Server 2008 R2 for Itanium-based Systems

- Impact: Remote Code Execution

Bulletin 11

- Affected Software:

- Microsoft Windows 2000 Server Service Pack 4

- Windows Server 2003 Service Pack 2

- Windows Server 2003 x64 Edition Service Pack 2

- Windows Server 2003 with SP2 for Itanium-based Systems

- Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)

- Impact: Denial of Service

Bulletin 12

- Affected Software:

- Microsoft Windows 2000 Service Pack 4

- Windows XP Service Pack 2 and Windows XP Service Pack 3

- Windows XP Professional x64 Edition Service Pack 2

- Windows Server 2003 Service Pack 2

- Windows Server 2003 x64 Edition Service Pack 2

- Windows Server 2003 with SP2 for Itanium-based Systems

- Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2

- Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2

- Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)

- Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2

- Windows 7 for 32-bit Systems

- Impact: Elevation of Privilege

Moderate Security Bulletins:

Bulletin 13

- Affected Software:

- Microsoft Windows 2000 Service Pack 4

- Windows XP Service Pack 2 and Windows XP Service Pack 3

- Windows XP Professional x64 Edition Service Pack 2

- Windows Server 2003 Service Pack 2

- Windows Server 2003 x64 Edition Service Pack 2

- Windows Server 2003 with SP2 for Itanium-based Systems

- Impact: Remote Code Execution

Other Information:

Microsoft Windows Malicious Software Removal Tool:

Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.

Open security advisories

A summary of the three open Security Advisories so customers know what to expect on Tuesday:

· Advisory 980088, Vulnerability in Internet Explorer Could Allow Information Disclosure: this advisory was released yesterday (Feb 3). We do not have an update for this issue planned for the normal February bulletin release. However, this vulnerability only affects versions of windows older than Vista in their default configuration, and there is a “Fix It” available so customers in non-default configurations can protect themselves.

· Advisory 979682, Vulnerability in Windows Kernel Could Allow Elevation of Privilege: we are on track to release an update for this issue next Tuesday.

· Advisory 977544, Vulnerability in SMB Could Allow Denial of Service: we are still working on an update for this issue so it will not be addressed in the February bulletins. As a reminder, this issue cannot be used to allow an attacker to take control of a system remotely, but instead results in a system becoming unresponsive due to resource consumption.

We are not aware of any attacks on these vulnerabilities and continue to encourage customers to implement the mitigations and workarounds outlined in the advisories.

Windows versions end of support:

Important information about Windows versions that are reaching the end of their product lifecycle. Customers using these versions should consider upgrading before support for these products end as, once they do, we will no longer provide security updates:

  • Windows XP Service Pack 2 will no longer be supported as of July 13, 2010. Many customers are still on this version, so we encourage upgrading to Service Pack 3 or to Windows 7 as soon as possible.
  • Windows Vista RTM will no longer be supported as of April 13, 2010. Service Pack 1 will still be supported until July 12, 2011 but we recommend customers update to Service Pack 2 or Windows 7 at this time.
  • Extended support for Windows 2000 will also be retired on July 13, 2010. At that time, we will no longer provide security or any other updates for Windows 2000.
Send via e-mail | Submit to Digg | Add to Live Favorites


Tagged in:

The “Nirvana Phone” Will Let You Leave Your Laptop Home

0 | February 5th, 2010 | Posted in Citrix

Everyone knows a Smartphone is a Cell Phone + PDA. A " nirvana phone " is a smartphone + video connection to a full size display + full size keyboard, Plus access to a Virtual Desktop. With a "nirvana phone" you finally get your leave your laptop home !
Citrix and partner OK Labs are collaborating to utilize the OK Labs Microvisor plus the Citrix Receiver in a secure mobile VM. This solution will enable a new generation of smartphones to provide "nirvana phone" functionality. In addition, Citrix and OK Labs are providing a concept specification for device builders to follow to assure the best "nirvana phone" function and experience.  
Learn more about the "nirvana phone" and the Citrix - OK Labs collaboration at a free Webinar on 2/7/2010. View Online | Add Comment

Tagged in:
RSS for Posts RSS for Comments