- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Nov 5, 2001 (Vol. 6, #85 - Issue #320)
WinXPnews Unveiled Soon
  This issue of W2Knews™ contains:
    • Get Ready To Opt-in To Get WinXPNews!
    • Need To Boost SQL Performance? Pros and Cons
    • Microsoft "Kind Of Wins"
    • XP Slower Than W2K? - More
    • Don't Know What GPO's Are? Than This Is Not For You
    • How A System Integrator Protects Their Web Servers
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • Cisco CCNA Training Kit, Exam #640-507
NTP Software has the most advanced storage management technology for
Windows. Quota & File Sentinel is the only product that installs
without a reboot, has policy-based management with automatic
replication of your storage policies, and integrates with other
products such as Storage Reporter, PerfectDisk, System Sentinel,
even Virtualization and Archiving products.
Visit SRM with EASE for more information.

Get Ready To Opt-in To Get WinXPNews!

Hi All,

We're very happy to announce our new E-Zine for home users and small business: WinXPnews. By our next issue you will be able to go to the site and opt in to get it once a week. You will soon see the first issue. What you told us you wanted are articles in the sections below, and of course we'll also cover all kinds of new stuff coming out for WinXP.

  • Editor's Corner
  • Hints, Tips, Tricks & Tweaks
  • How To's: All The New XP Features
  • WinXP Security: Updates & Patches
  • Upgrading & Compatibility Issues
  • WinXP Configuring & Troubleshooting
  • Fave Links
Warm regards,

Stu Sjouwerman (email me with feedback: [email protected])


If you want to learn more about Intense School's No money down

and No payments for one year financing call toll free

1-800-330-1446 to speak to an Intense School Specialist.

Visit INTENSE SCHOOL for more information.

Need To Boost SQL Performance? Pros and Cons

We found in a recent MS-SQL stress test that the log file is I/O bound and suggested to cache this file. That will improve performance, but also has some drawbacks we want to discuss. I have received feedback from different people that all commented on the drawbacks of this approach. Here are is a compilation of the people that whacked me around the head with a 2 by 4. [grin] Thanks for the data guys!

There is a very good reason for a database log file. One of the reasons for having a database server is to keep data consistency whatever happens, even with a software/hardware outage. In order to speed things up, rdbms's store data in memory, as data is randomly accessed. This gives a little dilemma. In order to maintain the DB consistency (including hardware failure), and keep speed to a maximum, there must be a trade off.

Databases achieve this with the log file. Every time a write happens, it is appended to the end of the log file. This allows databases to store considerable amount of data within memory without the need to commit it to disk. Hence also lowering random access on the disks. Every time a database starts-up, it will check the log against the data and do any modifications necessary.

The SQL log file is the single most important part of the server. Every transaction is physically written to the disk before being committed to the SQL database. This is a prerequisite to ensuring an adequate disaster recovery procedure. If the server fails all you need is you backup tapes from last night and your log files. By saying one should have a UPS on the SQL server, that only guards you against power failures, but not server lockups, device driver lockups, software lockups, etc.

If your log file writing is becoming a bottleneck then you can also improve your drive setup. Using RAID 10 arrays with 4-6 disks for your log files helps. This is usually because the backend SAN has bucket loads of capacity for the data store so you need an equally capable store for the SQL logs.

If SuperCache is wiped during a power outage (for instance by pulling the wrong cable out of the UPS by mistake) It would be bad if you are counting on your transaction log to save your behind (ROLLBACKs and COMMITs were created for a purpose) during a disaster. Here's a scenario. Let's say, a million row insert in ten different tables only to have the machine come back with half of them inserted and the other half gone for good. How to correct?

Caching the partition using the "lazy write" option could cause log file entries to fail because they were in the cache buffer when things went wrong. Having the log file on a dedicated disk channel (controller/ drive combination) is an alternative you should look into. Another possible trick is format the drive as FAT, not NTFS, as there is less overhead involved.

And another approach to get rid of the I/O bottleneck would be to buy a caching RAID controller, with built-in battery backup, and perhaps specify NO LOG but that is risky as well. What if the CPU fails, the power supply goes, or a memory chip fails? Any one of these things happen and you have data loss and worse: possible database corruption. The log file is the key element to the SQL database integrity. It should not be messed with unless you know exactly what you are doing.

Well, that was the other side of the picture. Now it's up to you guys to decide how you want to boost SQL. And as a little bit of help, we are making a free chapter available of Curt Aubley's new book "Sizing and Tuning SQL" on the SuperCache page in the section White Papers, Documents and Other files. Have fun with this PDF!


Microsoft "Kind Of Wins"

Like I have said in many earlier issues, there is not really anything to worry about MS long term survival, and that for us techies it is business as usual. This new latest development does not change my position. It was, is, and will be business as usual, except for the fact that after the 3 years this whole thing took, MS will have a few restrictions on business practices to comply with (it had already largely abandoned these anyway). There will be no restrictions on the new WinXP.

The U.S. Dept of Justice announced Nov 2, 2001 that a settlement with Microsoft has been reached in the DOJ antitrust case. The agreement "imposes a broad range of restrictions that will stop Microsoft's unlawful conduct, prevent recurrence of similar conduct in the future, and restore competition in the software market, achieving prompt, effective and certain relief for consumers and businesses," as per the statement from the Justice Department.

The 18 states participating in the lawsuit did not agree to the settlement but any appeal by them needs to be decided by the same Judge that approves the reasonableness of the current settlement, so that appeal hasn't got a chance. Judge Kollar-Kotelly needs to approve any settlement agreement among the parties but since all parties that are directly involved have bigger problems to handle, it is my expectation that this will resolve quickly. Of course some of the old anti-MS jihad are crying again but what else is new.

Under the agreement, Microsoft will have to license its OS to key hardware manufacturers on uniform terms for five year chunks. The agreement also prevents retaliation by MS against any of their customers that choose to use non-MS middleware software, and MS has to open up some of their API's.

Some of the key settlement points are:

  • Middleware products will be broadly defined and include browsers, instant messaging software, media players, e-mail clients, and other future middleware developments.
  • Consumers and hardware companies are free to replace competing middleware software on any MS OSen, with compulsory licensing of any intellectual property to hardware and software developers to exercise their rights under the deal.
  • A panel of "Three Wise Men". These are on-site, independent experts to help enforce the settlement, with full access to all MS records, staff books and source code.
Looks like a fair compromise that leaves everyone mildly unhappy which is the best thing you can get in this kind of litigation anyway. Could have been worse. Here is the official DOJ press release:

And here is the MS view on things:

XP Slower Than W2K? - More

I told you this would be a controversial topic. The tests done by InfoWorld seem real enough but for instance they did not test with the Athlon processor. Here is some one that has a very positive experience with WinXP.

"Regarding your mention of the InfoWorld article stating that Windows XP is slower than Windows 2000, I would like to refute this with my "real world" example.

My home computer system is an Athlon 950, 512MB RAM, 30GB 7200RPM IDE Hard Disk. I previously had Windows 2000 on the system, and it performed well and was very stable.

I recently replaced Windows 2000 with Windows XP on this system and am very impressed with the results. For one thing, the system literally boots up (to the login point) twice as fast as Windows 2000. I have noticed that programs are more responsive ("snappier"). I use this computer for video editing primarily, which involves a lot of CPU time for rendering. I have not noticed any significant performance difference in this area (which I would expect.)

I intend to replace Windows 2000 on my desktop at work with Windows XP as soon as possible, and would cheerfully recommend to others to do the same. -- Paul Morey, Hansco Information Technologies, Inc."

Thanks much Paul. I'm sure there are many other positive results out there. Have one? Write to me!


Don't Know What GPO's Are? Than This Is Not For You

If you do not know what GPO's are, this article is not for you. If you do, read on! You'll love this product. FAZAM 2000 (made by FullArmor) provides you with management and analysis of your Group Policy Objects (GPO's), which everyone agrees are a major headache in the more advanced environments.

Let's cut through the hype. Technology plays a critical and measurable role in your company?s survival. W2K based IT infrastructure can dramatically improve overall business performance. If done right. You need some third party tools to get that really done. Enterprise policy management simply is needed in mid- to advanced W2K environments. FAZAM 2000 complements and enhances Microsoft?s policy management initiative.

FAZAM 2000 is a critical solution for enterprises that are looking to take advantage of W2K-based IntelliMirror management capabilities. FAZAM 2000 features include Resultant Set of Policies (RSoP), restore and back-up capabilities, reporting and searching features, delegation options, and scripting. By automating the labor-intensive tasks of GPO creation, distribution and management, FAZAM 2000 is quickly becoming the critical solution for corporate enterprises and ASPs looking to increase the speed, effectiveness, and scalability of their W2K deploy- ments and ongoing management. Use FAZAM 2000 to simplify Group Policy with:

  • Resultant Set of Policies
  • Provides Resultant Set of Policies (RSoP) or the set of effective policies that apply to a user when logging on to a machine.
  • Multi-Forest/Multi-Domain GPO Replication
  • Ability to create GPOs in one domain and replicate them to other domains and forests.
  • Reporting
  • Allows you to view detailed reports on GPOs in Active Directory through MMC console or Web Browser.
  • Automating Administration
  • Allows an administrator to script the backing up, importing, and reporting of GPOs.
  • A Policy-Centric view of Active Directory
  • Provides a view of Active Directory with Group Policy links and filters. Back Up, Restore, and Import Allows administrators to back up and restore individual GPOs on a domain including filters and links.
  • Policy Auditing & Diagnostics
  • Provides administrators with the ability to perform remote diagnostics from a central administrators' console.
You can check the product out over here:

How A System Integrator Protects Their Web Servers

"I am the President of a Systems Integration Firm in the San Francisco Bay area. As such we run several IIS web and email servers. One of our web servers was being attacked EVERY DAY, mostly from overseas, but occasionally from other countries and the US.

"We were certainly on someone's list and under attack every day and night. What to do? Our firewall did a good job, but the http attacks came right in. Then we heard about the SecureIIS application firewall and put it on each of our servers. It was simple to install. Checking the options you want is also straight forward.

"After installing SecureIIS, the attacks kept coming, but now they were all stopped at the door. The week after we installed SecureIIS came Code Red. Well, we were already protected since SecureIIS protects against "types" of attacks and not specific attacks. The buffer overflow that Code Red used was already blocked.

"One feature we especially like about SecureIIS is the "keyword" feature. If you put in a key word such as "c m d . e x e" or "r o o t . e x e " then if these "keywords" appear anywhere in a URL they are blocked, regardless of the rest of the URL content. Directory Traversal attacks are stopped as well. There is also a feature that limits which directories of your Web server are allowed to be browsed. So any attempts to activate sample code or buggy code are stopped as well.

"We were so pleased with the defenses of SecureIIS that we sent an email to our clients who have web servers and Exchange's Outlook Web Access. We strongly recommended they purchase the product within two days. Most of them did and were protected attacks the following week. Some that were a bit late got attacked that week and have since purchased SecureIIS after we cleaned up their hacked servers.

"We like products that work. It makes our job easier and our clients happier. SecureIIS works and works well - for us and for our clients. From our point of view, in addition to your firewall, any IIS web server worth protecting should be running SecureIIS.

"At a Network Security Class I teach at the local Community College I recommend each of the students (mostly IT professionals) try and use SecureIIS. It works." Check here for your own eval and more specs:


This Week's Links We Like. Tips, Hints And Fun Stuff

  • John Glenn has written a bunch of very good articles on Business Continuity
  • Here is another good site creating bootable CD-Roms for different OS's.
  • [Public Service Announcement] Tech Corps: Volunteer to help the schools in your area through TechCorps.Org. America's students need an advanced tech education today to compete in the workforce of tomorrow.

    Cisco CCNA Training Kit, Exam #640-507

    Cisco CCNA Training Kit, Exam #640-507 is a unique CBT product designed to offer both in-depth instruction on exam topics and a robust test bank of practice exam questions. The tutorials are based on the content of the two Cisco recommended training Course books for the new CCNA exam: Interconnecting Cisco Network Devices and Internetworking Technologies Handbook, Second Edition. This product offers a cradle-to-grave solution for truly learning the concepts behind the questions, so that you are not only prepared to succeed on the exam, but also as a CCNA certified networking professional. Each computer-based course in the Cisco CCNA Training Kit, Exam #640-507 offers concise tutorial, exercises and labs, study mode exams, adaptive exams, and simulated practice exams. The course navigator allows users to jump between topics, reading assignments, and exam modes. It keeps an account of your progress and tracks the results of each practice exam. 35% Discount on the W2Knews BookClub