As I take a closer look at MOM 2005, it is clear to me that Microsoft is doing the right things regarding the evolution of management packs (MP).
For those who don’t know, a management pack is a collections of health defining rules, reports, executable tasks and sets of criteria that are used to identify and track the health of an application on a single server or across servers. For every application that you monitor with MOM 2005, there usually is a MP if its a Microsoft product. MS has promised to ship each server product with its MP, but they don’t always make it. I hope they get serious about keeping that promise, the mp for Virtual Server is sorely needed.

In the MOM 2000 and MOM 2000 SP1 days, when MS was frantically trying to rebrand the code that they had bought from NetIQ (who bought it from Mission Critical), MP’s basically scraped the event logs and raised alerts when it found someting it didn’t like. It wasn’t even very good at telling you when a server had gone down. OK, I will say the AD and Exchange mps were a little more sophisticated, running scripted responses, and synthetic transacitons to determine response times etc. Overall there was plenty of room for growth.

One of my biggest gripes about MOM 2000 was the lack of state awareness, and apparently this was the gripe of plenty of other folks as well. The only way you could tell that an app was healthy or not was if it had associated alerts in the consoles.

Management packs in MOM 2005 go a great distance towards addressing these shortcomings. To start with the authoring of management packs starts with developing a health model of the application, the health model is based on indicators (event log events, perfmon counters, WMI providers etc.). This allows you to produce what MS calls a level 1 MOM 2005 MP. Level 2 MP’s include state rollup features. The State of any monitored application or server is a composite of all the lower level components and health indicators. You can configure how you want the top level State to reflect the condition of the lower level contributors. It is some %tage representation of the best to worst state of the components. Also included are tasks, which are available in the new Operators Console. The tasks that are available are context sensitive to the appliations on the server you are examining and basically, they are shortcuts to the tools you would most commonly used for troublshooting. For example, if you are looking at an alert on a domain controller, a task that invokes DCDIAG is available and enabled, which it would not be if you were examining a member server.

The third (and last) level of management pack includes Report definitions for consumption in the new MOM Reporting Console. This is makes use of the new SQL Server 2000 Reporting Server services which draws its data from an automatically populated datawharehouse. Throw in the ability to create test transactions that feed into state awareness for the application, like the client side point of view of the response time to an LDAP GC/DC query or the responsiveness of an Exchange server and you have a tool that will help you know what is going on in your environment right now.

There are a host of management packs for other platforms and devices and with those added in, MOM 2005 starts to look like a true management framework. I personally would like to install the Cisco agent so I can elevate monitoring of my physical layer into the dynamically generated topology diagram.

Still lacking in MOM 2005 is the ability to do predictive modeling based on previously gathered performance and hardware baselines. The Dynamic Systems Initiative (DSI), as advertised, should fix this and do much more.

In some areas, the Microsoft platform is still viewed as the plastic toy cars when compares to their SUV peers in the big iron and UNIX fields. By making its platform the easiest to monitor and manage and model on, Microsoft will raise the bar in such a way as to make even the most ardent nay-sayers pause and take another look.

Agree with me or not, let me know!

Imagine that you’re the product manager in charge of the next version of Internet Explorer, the beta of which is due this summer. You’re the God of IE, in charge of the whole shebang, and so you get to decide what to add, what to improve, and what to kill.

What would you do?

I have a short list of what I’d like to see done to IE:

• Add tabbed browsing, so that you can visit many sites simultaneously. Why Microsoft hasn’t done this yet is one of computing’s great mysteries.
• Untangle IE from the operating system. Having the two tied together means that an attack on IE is an attack on your entire computer. So separate them.
• Kill ActiveX. It’s flat-out too insecure.
• Include anti-phishing tools. IE should be able to warn you away from spoof sites. Microsoft says this feature is on its list. That’s good news, but I’ll believe it when I see it.
• Build anti-spyware features into the browser. Despite some flaws, the beta of Microsoft Antispyware is one of the best anti-spyware tools available. But a good deal of spyware gets installed straight from the web, so those tools should be built into the browser as well.

There’s more I’d like to see as well, but that’s top of my list. How about you, though? If you were the God of IE, what would you do to the browser?

If you were in charge of Internet Explorer, how would you change it?

Maybe, just maybe, Microsoft has gotten religion when it comes to spyware and how vulnerable Internet Explorer is to attack. But I worry that the company has only half-way measures planned, and won’t take a few major steps it needs to take to lock down the browser.

Bill Gates, at a keynote speech at the RSA security conference, said that Internet Explorer will finally get a new version, Version 7, well before Longhorn is expected to hit. Beta is due mid-year. And that new version, he claims, will include features to fight spyware, phishing attacks, and malware.

In essence, Gates was forced into this. Firefox is a far superior, far safer browser, and it’s been eating away at Internet Explorer market share.

At the show, Gates was short on details, so we don’t really know how IE will protect against these threats. But no matter how safe Microsoft makes IE, I worry that there are several things that it won’t do, but should. It should do away with ActiveX controls altogether; it’s simply too dangerous a technology and should be abandoned. That would increase safety significantly.

Even more, it should no longer tie IE directly into the operating system. Having the two so closely tied together means that an attack on IE is an attack on your whole computer, not just your browser. There’s no technical reason IE can’t be untethered from Windows; after all, Firefox and other browsers aren’t directly tied in.

I don’t expect this to happen, though. But I do hope that Microsoft will use the revamp of IE to finally give it tabbed browsing, which the company inexplicably has so far refused to do.

In other news from the conference, Gates said Microsoft won’t charge for its consumer antispyware product, which is still in beta. A new version of it, he said, will be out by mid-year. This is very welcome news, because despite some flaws, it’s a very good and useful piece of software.

The good news in all this is that Microsoft is finally committed to fighting spyware and other malware, and has changed its product plans accordingly. But I worry that it will only take half-way measures.

What do you think about the Microsoft security announcement? Let me know.

It hasn’t been a good week for Firefox and its fans. First, the Danish security company Secunia warned that it had uncovered a vulnerability in Firefox and other browsers that can allow the URL displayed in the address bar and the SSL certificate to be spoofed, which means the browser and others are vulnerable to phishing attacks. The flaw affects all browsers built using the open-source Gecko browser kernel.

And this time around, Internet Explorer is not vulnerable to the attack.

Making matters worse, a few days after that, a security researcher found a trio of security bugs that affect Firefox and Mozilla — but not Internet Explorer. Among other dangers, the bugs can allow someone to steal your cookies, and then use them to find out personal information about you and log into web sites with your login.

Perhaps most disturbing is that as of this writing, although fixes have been found, they have not yet been rolled up into a patch, or made available in a new Firefox version that can be downloaded and installed.

I’m a big Firefox fan, and I tell everyone I know to give up IE and use it. But this news doesn’t bode well for the browser. Its increasing popularity will mean that it will be subject to more frequent attacks. Worse, though, is that as of this writing, the fixes aren’t publicly available. People have rightly accused Microsoft of not posting security patches quickly enough. But up until now, Firefox developers have always been quick to react with security fixes.

Let’s hope that this is an anomaly, and patches are posted quickly. I’d hate to see Firefox get bedeviled by the same problems that afflict Internet Explorer.

What do you think about how Firefox handles security flaws?

Related link: http://www.csthota.com/blogmap

I took some “time off” this weekend and gave my good old BlogMap project a complete makeover. So, here is my new BlogMap: http://www.csthota.com/blogmap; try it out!

You can read the full “release notes” here: BlogMap Reloaded.

So, are you on the BlogMap yet? Try it out and send me your feedback!

To use the Internet is to be annoyed. Annoyed about spyware, pop ups, and spam. Annoyed at security holes in Internet Explorer big enough to drive a truck through. Annoyed at clueless ISPs, cable modems that won’t work, hot spots that aren’t so hot, and search sites that inundate you with ads instead of search results. Annoyed at…well, you get the picture. There’s a whole lot to be annoyed about.

I got so annoyed at all this and more a while back that I decided it was time to write a book about it. The resulting tome, Internet Annoyances, just came out.

To celebrate its publication, I’m taking a very public poll. So tell me, what’s your worst Internet annoyance? No annoyance is too small or too big to mention, so talk back to me and let me know. Who knows, the annoyance might end up in the next version of the book.

What’s the worst Internet Annoyance of all time? Come on, tell us and get it off your chest.