Friday, August 28, 2009

Technology Conferences

I just returned today from ILTA's 2009 conference in Washington D.C.    The conference is always a great opportunity to network and find Legal Technology specific information.  This was my fifth year, and although attendance was impacted by the economy the education and networking didn't suffer a bit.

So what take away's did I walk away with?  Well there were many.  Email management still seems to be a painful topic for most law firms.  Time and time again I heard from firms struggling with these issues:

  • Lack of  firm email retention polices.  Conflicting and rapidly changing requirements result in firms talking but doing nothing.  Save everything forever ends up being the standard.
  • Lack of tools to satisfy the needs of complex policies that require different retention/archival times based upon areas of law, groups of attorneys or specific industry requirements.
  • Lack of scalable archival tools.  There are some on the market but things like archival indexes and two tiered storage options leave firms wanting more.
  • Huge software maintenance costs and low value.  Say no more...
  • Slow Outlook performance due to "Save everything forever"
  • Issues upgrading Exchange because of compatibility issues with plug-in/s for meta data removal, virus scanning, dms integration, encryption, unified messaging, etc....
  • Records management as it pertains to email.  Even simple point and click tools are too much of a pain for an attorney if he/she can't do it from their berry.

Surprisingly, spam and antivirus weren't huge issues as they once were.  Thanks to the development of cloud and appliance based tools you can actually buy your way out of these problems today.

Lots of talk about SharePoint and other portals.  Many firms have committed to SharePoint and they pay quite a pretty penny to keep it running and keep specialists on board.  Others are frustrated by it's limitations and have developed ways "around"  SharePoint.  Personally I don't like either answer.  Our extranet provider has turned out to be a utter disappointment in regard to flexibility and performance so I'll need to work on this a bit.

Social Networking also was a new topic picking up interest....both in what to do about it and and to use it to your advantage.   Although I didn't sit in all the sessions, I didn't hear specific answers to these questions but it was great to toss around the topic with others. 

E-discovery raised it's ugly head again (sorry that's just how I feel abouit it) but not too much new in this arena.  I'm sure the e-discovery vendors would tell you otherwise but it seemed to me like they are still catching up on features that people need and are still "behind" the curve.  Hopefully in the next year or two they will move from reactive to preventative.  Isn't it interesting that they spend all their time worry about old data  and they don't submit tips on how to keep corporations out of trouble?  They already know what not to do but they don't communicate that effectively.  It would be a whole new market for them if they looked at what their clients wanted.  There was a great reference of this by a speaker one morning showing a picture of a drill.  When the CEO of the company asked his employees what it was they said it was what they made... they said they were the world's best power tool supplier (or something like that).  Then he had a slide with a picture of a hole in a wall.  The CEO told his company that this is what people actually wanted...not the drill.  A very insightful observation...

There were many more topics covered and I'll try and write a second edition of this post after I review my notes more.  This is just a summary of the topics I found most compelling.

Tuesday, August 18, 2009

ShoreTel Firmware Upgrade and Lessons Learned

So we did an upgrade on our ShoreTel server, switches and phones a few weeks ago and had one small issue.  Some (most) of the phones were reporting a “Firmware Version Mismatch” when viewed through ShoreWare Director’s IP Phone Maintenance screen. (To get to this screen go to QuickLook, then pick your site, then pick your switch….about 1/2 way down the screen you see the link to “IP Phones Maintenance”.)  The problem ended up being that the DHCP options on the VOIP vlan (192.168.19.x/24) didn’t include the option for the ftp server on the ShoreWare server. image(Option 156…read the docs)  They were included on the user vlan (192.168.10.x/24) so the first time the phone boots and gets the DHCP options they did the upgrade and placed themselves in the correct vlan.  However, on subsequent reboots (and upgrades) they picked up a DHCP address and options from the VOIP vlan and since the ftp server was missing they couldn’t auto upgrade themselves.  It was an easy fix once I understood the issue.  Clear as mud right?!?!

One other cool thing I learned is that you can telnet into a ShoreTel phone and look at it’s options.  To do this you need to use a tool called “phonectl” which is part of the ShoreTel server.  Here is how you do it:

From the Shoretel Server directory run the following commands:

1. phonectl -pw <phone password> -telneton <ip address of phone>
2. telnet <ip address of phone>
3. Now, to see the config run “printSysInfo” from the telnet prompt. 

Cool.

Wednesday, August 12, 2009

Microsoft Word is Toast

http://blog.seattlepi.com/microsoft/archives/176223.asp

Long Live Open Office!!!

 

I’m saying this in jest…I’m sure Microsoft will buy find their way around this mess and Word will be just fine.  It still makes me chuckle.

Monday, August 10, 2009

Microsoft Licensing Rant

<Begin Rant>

It’s always nice when you pay a vendor top dollar for product and then have them slap you in the face with their licensing restrictions and complicated activation processes.  I fondly remember my first run-in with this nonsense…the dongle.  As in “the dongle that broke Autocad’s back.”  (For those of you that remember, way back when… Autocad required a dongle. Their sales dropped significantly as users shied away from their systems to use alternatives that weren’t hobbled with software protection.)

I’ve been reviewing the changes in Microsoft’s Volume Licensing procedures and the whole process still strikes me as a sign that Microsoft has lost as much confidence in their customers as their customers have lost in them.  Don’t get me wrong, I believe that for commercial software vendors to work and make a buck they should be paid.  However, hamstringing customers that are actually paying the bill is like a waiter spitting in your food as he hands it to you because you “might” run out before you pay the check.

So it turns out that very little has changed with Microsoft licensing.  They still force you to use KMS (and have your pc check in every 180 days) or MAK (and burn a license that can never be recovered should you ever have need to rebuild the box from the ground up).

They give these examples of why this is process is “good” for you:

  • It reduces the risk of running counterfeit software.  Um…s’cuse me but if I paid for it I did my part.  It’s Microsoft’s burden to hunt down counterfeit outfits not mine.  What they are really saying is it makes Microsoft’s job easier by making it harder (not impossible) for counterfeit software to exist.  Again…why am I paying for this, why do I have to do all this extra work setting up KMS servers and why is this my concern?
  • It assures that your copy of Windows is genuine. Once again…why do I care if I’ve already paid for it? What they are really trying to say is that we don’t trust you. To top that off if you aren’t running genuine software you don’t get to talk to Abu in India if you run into any problems with our software.  But…if you can prove to us that you actually paid for the software we will provide support to you by an untrained technician from another country in another time zone who talks with a thick accent and is sure to walk you through at least one reboot before kicking the call up to his buddy that had the 2 week training course.  Thanks. That makes me feel better.
  • Activation = Greater piece of mind. Um… No it doesn’t.  The ability to support my users around the world with software that’s not gonna nag them or spontaneously combust into a flurry of license warnings and reduced functionality= greater piece of mind. Wait..that’s not fair. They got rid of the reduced functionality part. Sorry.
  • Assists with license compliance.  Really? For licensing compliance I have to run multiple reports and then I have to compare what I bought to what the reports say.  Then I have to verify that my payments were for the right products and made on time. Then I have to verify that my KMS server or MAK proxy has a clear line of sight to Microsoft at all times so the whole kit and kaboodle doesn’t tip over while I’m worried actually getting non-licensing related work done. How is that assisting me again?

The product key way of doing licensing was bad, but these approaches are worse. They are harder to administer, more likely to leave users unable to work and a huge slap in the face of paying customers. 

On a final note, I bet that the restrictions on licensing in Windows 7 (and Windows Server 2008 R2 for that matter) will limit the amount of counterfeit installations.  I bet it also will help to sway businesses (especially ones that couldn’t afford Microsoft software anyhow) over to Open Source software solutions.  This has and will continue to be detrimental to the sales of Microsoft products.  That my friends is Technology karma at it’s best.

</End Rant>

Thursday, August 06, 2009

Port Listener for firewall testing

I found this cool little tool today for testing ports open through a firewall.  In my lab, I’m trying to simulate my pfsense firewall and it’s a pain to setup a box as a mail server, an http server, an ftp server, an https server, etc… just so that I can test each rule.  This little utility runs and lets you pick a port to “listen” on.  Then to test, say port 25, just run a “telnet 10.1.1.1 25” and you’ll get a “Hello” response if the port is active.  Simple, effective and elegant tool to add to your toolbox.

imagePort Listener v1.01

Wednesday, August 05, 2009

pfsense Monitoring (rate vs. darkstat vs. bandwidthd)

So now that we have our first pfsense box up and running, I’ve been comparing and contrasting what options I have as far as monitoring goes.  I’ve loaded rate and darkstat on one box and bandwidthd  on another.

I’ve had a lot of trouble with rate.  It installs ok, but it seems temperamental in regards to browser. (Firefox seems to work way better then IE here.) This may be due to the requirement for the Adobe SVG viewing plugin, but I can’t really tell.  Unlike the other two tools that add themselves as new option to the menus, rate plugs into the built in Status –> Traffic Graph item.  When it’s working it’s ok, but the numbers seem to change so fast that it’s not as useful as the other tools which are more focused on long term trending.  As Adobe has discontinued support for the Adobe SVG viewer I’d probably lean away from this tool anyhow.

image

darkstat is nice, but as it runs on port 666 it’s generally something I only open up from the inside interface.  That limits it a bit for me as I do a fair amount of remote monitoring.  However, it has a “hosts” page which breaks down traffic by IP which is very useful.  You can even sort by traffic in, traffic out and total traffic. You can find it under diagnostics, darkstat.

image


image image courtesy of the dartstat website

 

bandwithd is probably my favorite of these tools.  It’s nests itself under the https port so you can use it remotely. It drops your top 20 IP’s in a list for easy inspection and it breaks the traffic down into individual graphs for a variety of services.

image

image

As you can see there are quite a few options to slice data in pfsense.  The built in Status –> RRD Graphs are also excellent for long term trending.  pfsense has proven to provide more capabilities in regard to traffic monitoring and collection then I had with my old PIX.

Happy firewalling!