LANcom Technology Blog

From time to time we get new customers with existing wireless connections – Woosh a good example.

Most times we get them off wireless as early as the contract permits.

In 2007 if you are in a city area you will have access to DSL which is much more reliable and now much faster.

A Woosh 20 GByte plan with a meagre targeted speed of 1.6Mbyte/s download and 120kbyte/s upload is $59.95 per month.

Orcon’s 30 GByte plan , for the same amount, has targeted speeds of 8Mb/s download and 3Mb/s upload

As anyone with a sky decoder knows, sending digital signals over wireless connections is very susceptible to atmospheric conditions.

From a technology perspective the only reason you would have wireless is if DSL or some other cable based solution was not available (e.g. in rural areas) or if you needed portable access (e.g. 3G access cards for notebooks).

The rules may change in a couple of years when the new WiMax wireless protocols start getting used but I suspect all they will do is push DSL to the faster speeds and cheaper plans that are eminently feasible today

Can often come down to how you view your IT – expense or Investment.

Do you see the $70000 per annum spend or the $2000000 per annum income of which IT is an essential, irreplaceable part?

In their IT planning the former always start by minimising and restricting the 70k while the latter start by protecting and growing the $2M.

The former are always pained over how over priced IT doesn’t deliver. The latter smile all way to the bank.

From the moment that we got broadband we started thinking about backing up over the Internet. All this bandwidth could be used to copy our files over the Internet to a remote location. It would make backing up automatic and painless and it would get rid of the high maintenance tape systems we have all suffered with for 20 years.

And so it has been for notebook users and home users backing up individual files – Office documents and photos etc

It has not been so good for business systems and, in particular, servers that businesses own.

There are a couple of key reasons today why we cannot use over-the-Internet backup for servers.

The first is that broadband in NZ is not so fast. At 1Mbit/s you can transfer approximately 400Mbytes an hour. Until recently all DSL broadband plans like Jetstream, Bitstream etc (that were the only broadband option for most NZ companies) were restricted to 128Kbit/s (an arbitrary limit invented by Telecom’s marketing department). That meant you could only backup 50Mbyte an hour at best. Most of our customers are backing up tens of gigabytes (1 Gbyte = 1000 Mbyte) a night so a full backup was not possible. DSL Broadband got better in the last few months (up to 700KBit/s) but this was still nowhere fast enough to replicate the full backups we do to tape every night. You could get clever and do partial and staged backups but this still was inadequate for volatile database files like Exchange databases.

The second issue is restoration. There are many Internet backup systems that are brilliant at backing up and restoring individual user files. These are the services that notebook and home users use. The problem is that Windows 2003 is brilliant at restoring individual user files and Exchange 2003 is better than most of these services at restoring individual emails. In 2007 you only need to go to your tape backup for the large restores like losing your Exchange database or your entire drive. In these cases no matter how cleverly you broke up the backup to accommodate insufficient bandwidth you will need to do a full restore and quickly. In NZ it is just not feasible to bring 30 GBytes back over the Internet using DSL. So the restoration will involve some kind of physical swapping of tape drive or hard disk. Most restorations will have to be custom solutions.

There is hope. Where a Line-of-business application is less that 100Mb it is very feasible to backup overnight (particularly now that Telecom’s onerous data charging has been paired back) and restore effectively. Exchange 2007 has built in features to trickle every small change over an Ethernet connection in real time. This resolves the backup half of the equation.

In the interim the only way to get effective over-the-Internet backup is to have a replication server. With products like double take you can have every tiny block write on your live server’s disk copied over the Internet to a replication server that is an exact replica. The software is not cheap ($5000 USD license for each of the two servers) and you need two physical servers. But if you have to have over the Internet backup today this is the way.

Xtra salespeople are walking the streets door knocking in order to win back customers.

While the rest of the business world is spending every waking moment thinking about the wealth creation possible through Internet marketing the Xtra/Telecom broadband monopoly is burning shoe leather to make sales. Technological communism. The government mandated breakup can’t come soon enough.

One of problems in having your own internal IT guy is that there is no peer review. The IT person is isolated and works without restraint or review. In contrast the engineering team assigned to you on your LANcom 770 plan works to continually approved methodologies and techniques and the work that they do is under consistent peer review.

When you employ your own IT guy there are no guidelines and no review.

The biggest meltdowns we come across –system failures where there is no full recovery and partial recovery is expensive and long winded - are always where the lone IT guy has gone feral. More often than not the system failure was self inflicted by a massively overconfident operator who had no body to rein him in.

Wireless networking (WiFi) has been one of most disappointing technologies of the last few years. It promised a lot but has often only delivered frustration. On paper a $200 WiFi access point and $1000 of WiFi access cards could make $6000 of cabling redundant and avoid the clutter of using cables. It hasn’t panned out.

Security has been a headache for WiFi from the start. Traditionally your standard cable based local area network came with some very good security built in. It’s called your front door. For a hostile user/hacker to get a device onto a standard network running on standard twisted pair cable they have to physically get into your building. With a wireless system they can often sit across the road.

The WiFi industry has a poor record in addressing the fact that your WiFi network can be very accessible to anybody near your building. From day one most WiFi Access points have shipped ‘open’ which means that the default mode is to accept connections from anyone. Remarkably this continues in the name of usability.

There are ways you can secure your wireless access point.  The WiFi industry got this wrong as well. Their original security regime WEP (Wired Equivalency Protocol) was difficult to hack but still hackable. You needed specialist software and that software needed a week or so of encrypted packets to break your encoding. But after a week of sitting in a van on the road next to your office your opposition were now able to connect to your network without having to be in your building. Not good.

After much anguish the WiFi industry got it right and brought out the WPA (WiFI Protected Access) encryption protocol. This was done properly and for all intent and purpose is unhackable.

The affordable units suffered from overheating and consequent freezing. In 2005 sat in a meeting where a representative from the largest wireless manufacturer told me this was a fact of life until the next model.

All wireless services – radio, television, cell phones, WiFi - suffer from the same two curses - Interference and blockage. Cordless phones share the WiFi frequencies as will your neighbour’s WiFi systems. WiFi has difficulty getting through concrete floors and walls.

One of the reasons WiFi has looked so poor is how reliable twisted cabling (the stuff you use now) actually is. Those long in the tooth will remember the Coaxial that was widely used before twisted pair and how one user unplugging his/her computer could bring down the entire LAN. For all practical purposes twisted pair cable doesn’t fail. So even a relatively stable WiFi system that well planned that falls over an hour a month (that’s 99.98% uptime) is seen as far less reliable.

If you are going to have one access point for casual use or the use of visitors (make sure you firewall properly) then you can deploy a single access point quite simply

For anything else the only effective way to deploy WiFi widely is to do a comprehensive site survey that measures each room and determines how many access points are necessary and where they should be. Even after all this planning an inconsiderate neighbour could ruin it all. For this kind of hassle twisted pair cable starts to look attractive again.

As ever the technology is getting better and there will come a tipping point. It just isn’t here now.

Apple has moved it’s flagship Mac computer to run on the same Intel chip that PCs do. One of the outcomes of this is that the Apple iMac can now run Windows XP from bootup if you choose.

We shipped about 20 Apple iMacs last week. They were all running Windows XP. The client was a school who wanted their students to get a great experience using the school’s computer. They felt that the experience would feel better for the students if they sat down to a Mac even though the actual learning applications ran on Windows and could run on any Windows PC.

It is a nice story because it is what Apple has been teaching the personal computer industry for over 20 years - that the user experience is everything. The most important outcome LANcom should target from it’s work is that every time one of our customers gets up from working on their computer they should have had a satisfying experience.

Everything else is contributory. Apple got this years ago and it has been the cornerstone of this mavericks survival in the difficult years and prosperity in the buoyant years.

Why spend on Information technology? What will you get out of your investment?

At LANcom we can demonstrate what IT does for you and what may be the benefits to your business (you decide if they’re real). We are also in a great position to see IT investment across a whole range of kiwi businesses. 

There are three reasons why LANcom customers invest in Information Technology.

•  Decreasing your costs
•  Increasing your service levels to your customers
•  Making life easier for your employees

Ten years ago the dominant reason to buy IT was to save money. “I am spending $4000 per month faxing Japan. If I start using e-mail that cost will drop to $400 per month. Spending $5000 on an e-mail server is an easy decision”. Naturally there was lot’s of talk about return on investment (ROI) at the time as this kind of investment shows a direct return that is easy to quantify.

More recently the dominant reason has become increasing customer satisfaction. “If I set up a web site customers will be able to check out the status of their orders 24/7″. There is no immediate cost saving to balance the extra cost of the new technology (in this case a web site with customers orders on it). It will cost you more money than before. The return is from keeping customers and getting new customers by getting a service edge on the market. Of course your competitors catch up and soon deploy the same technology and soon having a web site to service customers is just part of the cost of being in the game.

The third reason is obvious. If your staff have quality equipment to work with they will be happier and more efficient. Nobody needs a bigger screen than they have already. It just makes it easier to work.

This break from straight cost-saving investment has made the investment and return equation complex. Often quantitative analysis is not done at all and the decision maker makes a gut decision. As Kiwi companies get more and more dependent on IT and as their future becomes more and more dependent on quality IT investments these ROI calculations will have to be made. We will all have to up our game in making quality ROI estimates.

This was a chapter from an Internet security backgrounder report I wrote about two years ago.

I wrote a Spam backgrounder today (posted soon) and it made me think of this.

It’s still a valid question and it most often gets answered in slogans (Microsoft = bad etc) so I thought I would post it.

In the last 20 years the two most influential and dominant forces in computing have been Microsoft software and the Internet. If you know a little of the history of each you will better understand why there are tens of thousands of viruses and security that seems so poor.

Microsoft Software

In 1990 Microsoft was an important, but by no means the only dominant player in the incredibly fast growing personal computer market. Although Personal computers had been around since 1978 (the Apple II) there were still very few true cross vendor standards.

The keystrokes to print in the market leading Spreadsheet – Lotus 123 – were completely different to those needed to print in the market leading word processor – WordPerfect. There were competing network standards and it was rare for computers to be able to connect to similar computers and almost unheard of for connection between dissimilar Personal Computers.

In 1990 Microsoft released Windows 3.0 which was about to change the landscape in usability. To print was now File/Print for any application running in Windows. Within a couple of years Windows for workgroups made it simple for a user to connect their PC to another without extra software or expert help. Applications were enhanced so that they could cooperate – Excel spreadsheets could be embedded in a Word document.

In 1990 just getting computers to work for ordinary people was the biggest challenge. The next 10 years of development at Microsoft was focussed primarily on making computers as easy to use as possible. Software was designed to be as obliging as possible because the number one problem was complexity and before the Internet the only people who could connect to your computer were in you company. Why would the Sales Department start hacking into the Accounts Department?

The Internet

In 1973, the U.S. Defense Advanced Research Projects Agency (DARPA) initiated a research program to investigate techniques and technologies for interlinking packet networks of various kinds. This project developed the TCP and IP protocols that were to become the backbone of the Internet.

By the late 70s the project had been handed over to the University community who used it to communicate between their sites. Development was fast but growth of the network much smaller so that most of the Internet’s major protocols were designed on a network where there was almost no anonymity –  In 1984 when the Internet standardised on TCP/IP for its communication protocol there were only 1000 sites on the system and everybody knew everybody else. Today there are over 250 Million computers connected and your connection can be reached by any one of these

Microsoft software on the Internet – eager to please software on a trusting network

So when Microsoft software started working with the burgeoning Internet it was, in hindsight, a predicable debacle. The core protocols (TCP/IP for computer connections connecting, SMTP for e-mail, HTTP for web browsing) of the Internet allow anonymous interaction and fundamentally trust that the other end of the communication does not have malicious intent.

The trusting Internet delivers these connections to Microsoft software that is way too eager to help out. From its early days Microsoft Outlook has been designed not only to help people construct and send e-mail but also any other program on the computer. When you click File/Send in Excel it is outlook that steps up and sends the Spreadsheet file on behalf of Excel. The problem has been that until the latest two versions Outlook did not discriminate who it helped out.  So if a virus got on your computer Outlook would give it the list of all the contacts you had in you contact folder and send virus infected e-mail to these people when requested by the virus program.

Microsoft has been widely criticised for its approach to security. The reasons why they got caught can be explained but they certainly have been very remiss until recently in facing the problems. They have spent most of their time on the Internet lagging behind security threats.

Microsoft was late to the Internet party itself but managed to turn around a sizable handicap into technology leadership on the Internet. Hopefully they can focus the same energy to their Internet security problems. Recent releases are encouraging.

One of the design outcomes of the Internet was anonymous access. It is unlikely that this was a design goal but rather identification and authentication seen as unnecessary on a Network where everybody was accountable. For many of the services on the Internet malicious and unaccountable users make anonymous access less and less feasible. The Spam epidemic is the best example of this. You can expect to reveal your identity (explicitly and implicitly) more and more often when using the Internet.

Spammers can be easily identified by their ISP’s by measuring their traffic usage. For their type of ‘marketing’ Spammers need to send millions of the same copies of e-mails to millions of mailboxes in a few hours. One server connecting to so many other mail servers over TCP Port 25 over such a short time will stand out from the other 99% of traffic. No actual private content would need to be read. The offending server could be cut off or throttled so that it could only send 100 or even 1000 e-mails an hour. This kind of sending rate will send the Viagra type spammer broke.

The only problem is that in 1% of the time the behaviour may be legitimate. Any company with a large consumer base could show this behaviour when they send e-mail messages to all their consumers.

So why not create a register for companies who want to use the Internet e-mail infrastructure to talk to their customers?

The problem is that if we looked closer at a lot of these companies they are, apart the products they sell, hard to distinguish from the Spammers themselves. Lazy marketers who knock off an electronic flyer and then send it to every e-mail address they have acquired are in fact Spammers themselves. They would be blocked just like the Viagra salesmen.

So unless your company follows the rules of Permission Based Marketing – that messages should be personal, relevant and anticipated - when you send e-mail marketing messages out you are part of the problem.