About Ed Hands

 I have been working in the IT field for over twenty years.  

In addition to spending time with my beautiful wife and two lovely daughters,  I enjoy practicing the guitar, Tae Kwon Do, reading, and grilling out  I am always trying to plan the perfect road-trip with my family.  Hopefully there will be coffee.

The purpose of this blog is to journal my experience in the IT field and hopefully provide a useful guide to those doing likewise.  And to journal my random musings on technology, computers, or whatever else strikes my fancy.  Adult ADD FTW!!!!  Ohhh...look...something shiny....

 

Follow me!
Navigation
BlogTopSites
Technology Blogs
technology blogs
Web Directory
OnToplist is optimized by SEO
Add blog to our directory.
ping web site via FeedShark
Shameless Self-Promotion

 

 

Tags
$100 (1) 2010 (1) 2011 (1) Active Directory (2) activecho (1) AD (1) air-watch (1) Android (7) Anger (1) App (1) app catalog (3) Apple (11) Apple iPad (3) Apps (3) AVI (2) bad science (1) Barracuda (1) Barracuda Networks (1) batch file (2) Beatles (1) best commercial (1) Blogger (1) Blogs (1) Boardwalk Empire (1) cancer (1) Cannot Get Mail (1) CDW (4) certprincipalname (1) cessation (1) Chantix (1) Christ (2) Cisco (1) Cisco VPN (2) climate (1) CNET (1) coffee (1) collaboration (1) comcastbusiness.net (2) distribution group (1) DOS (2) dropbox (1) DVD (1) EMC (1) Enlightenment (1) Evernote (3) Exchange (2) Exchange 2010 (4) Fallout 3 (1) family (1) FlexClone (1) Flipboard (1) Funny (1) GAL (1) Galaxy (1) Galaxy Tab (4) global warminig (1) God (1) GoodPlayer (1) Google (3) Google Toolbar (1) Gorilla Glass (1) GPO (2) Graditude (1) hacker (1) HDMI (1) horror (2) hotels (1) HP (4) humor (1) idiots (1) IE8 (1) IE9 (1) iftt.com (1) Internet Explorer (1) ios (1) iPad (5) iPhone (7) Jamie Foxx (1) Japanese (1) kuerig (1) Lefthand (1) magic (1) Mail list (1) MDM (1) Media Streaming (2) Meditation (4) Michael Richards (1) Microsoft (1) Middle East (1) MKV (2) MobilEcho (2) Movies (3) Murdoch (1) NBC (1) NetApp (5) Netflix (2) Network (3) Nook (1) NPR (1) OAB (1) Office (2) Only connect to proxy servers that have this principal name in their certificate (1) outlook (1) Outlook 2010 (1) Outlook Anywhere (1) OWA (1) Photos (1) quit (1) quit smoking (1) racist (1) rant (1) Rants (2) Resolutions (1) Resturants (3) Road Trip (1) Samsung (3) Saturday Night Live (1) science (1) Screen Shot (1) Seattle (2) security (1) Shattered (1) Shortcuts (1) smoking (1) SMP-N100 (1) SnapDrive (1) SNL (2) software (1) Sony (1) spam (2) spam filter (3) Spirituality (1) Squarespace (1) starbucks (1) Streaming (2) Super Bowl (1) Superbowl 2011 (1) Superbowl XLV (1) System Restore (1) Task (1) Teaching (1) Television (1) The Daily (1) top commercial (1) top ten (1) Touchpad (4) Training (1) Travel (2) Users (2) Verizon (1) verizon.net (1) VMWare (2) vsphere (1) WD TV (2) wd tv live (1) WDTVLIVEPLUS (2) web (1) webOS (3) Western Digital (2) Windows 7 (5) Windows Server (3) Wisconsin Dells (1) worst commercial (1) WPA (1) WPA2 (1) XBox 360 (1) XML (1) ZDNet (1) Zen (13) zombie (1)
Friday
Mar222013

MDM Solution: Air-Watch and mobilEcho implementation

Over the past few months I have been working on a system to unify the management of our mobile devices and allow a BYOD policy at the same time. Currently we do not allow Androids in our business because of the security risk associated with them. But there is a lot of drive from our employees to go to them, as well as some good business reasons to do so as well. These reasons include the wide selection of carriers and the relative low cost of both the phones and the tablets. This makes the Android a very attractive platform. The security and fragmentation of the platform, however, have made it kind of hard to make a jump to the Android OS company-wide.

And being a small IT department of two people managing 300+ users, I didn't want to manage another device or server to accomplish these goals.

So with that in mind, I began looking for a MDM solution that would meet the following criteria:

The solution should

1) Manage multiple platforms including iOS, Android, Windows Mobile, and even Blackberry.

2) Be easy to use. I don't want to go through six weeks of training just to figure out how to use it.

3) Allow apps to be rolled out en masse.

4) Allow enforcement of security policies.

5) Allow selective wipe of company data from personal phones.

6) Roll out company settings for mail, VPN, WiFi, etc.

I chose four different solutions to evaluate. (Well, technically five, but since the Apple Configurator won’t magange Androids, Blackberries and Windows phones, it was DOA.)

The first was MobileIron. I was enthralled by MobileIron, but that soon waned when I discovered that MobileIron was on "on-premises" box that would need to be configured and maintained. But I was still tempted. MobileIron definitely has the security nailed down. I liked how it could handle rouge apps and the management seemed very smooth and tuned.

Next I looked at Meraki. Meraki was just bought by Cisco and honestly that's the reason I took a look at them. And oddly, it was also the thing that drove me away from them. Right now, the price is free. Yup, free. However, while they state they have no intentions of changing that, I have seen things like this change dramatically shortly after the little fish is eaten by the big fish. This would force me to either reevaluate the MDM solution and possibly re-implement another MDM solution at some point in the future. Worse yet, they could discontinue it all together and leave me in the lurch. It is a fine solution, and spreads far beyond just mobile devices to include PCs and Macs, but I need to minimize disruptions to the employees and this uncertainty didn't leave me with a warm fuzzy feeling.

The next two on my list were Air-watch and MaaS360, both at the recommendation of my CDW rep. After asking some folks I know at other companies and at the recommendation of some folks over at the IT Admin Forum at LinkedIn, I decided to try Air-watch first.

After they went through a short tutorial and got the initial test server configured, there were some minor issues but nothing huge. It did seem, at the beginning, that the profiles that Air-watch pushed out were hit or miss in regards to their implementation and their effectiveness. But after a while the basics were covered and everything was working fine. I was ready to broaden the test and implement an EIS (Enterprise Integration server) server internally and start rolling it out to some test users. Now I know, dear reader, that this flies in the face of my requirement of not having another server to manage, but please understand that this is merely a piece of software that runs on an existing server and has an agent that synchs Active directory information with the off-site Air-watch server. It also allows the Air-watch Secure Content Locker to map internal WebDAV shares, network shares, and Sharepoint Shares. This was going to be, for my company, the true selling point and power of Air-Watch.

Or so I thought. Initially everything worked fine. But then I started adding more shares and the problems began. Without getting into to gory of details, the shares that I had way exceed the normal capacity of Air-watch. And truthfully, even I was surprised by the quantity of documents we had and were trying to share. It turns out that in our main folder structure there were over 2,500,000 documents. It seems that currently (and I am speculating here because it is where AW stopped indexing the documents) that AW is limited to about 184,000 files. Which is probably fine for 99% of the users, but we needed either a) something that would get all of them, b) change the way the data is retained and structured or c) limit what we put in the SCL.

Before I continue, however, I want to take a moment to mention the customer support at Air-watch. From the sales rep to the tech support, they are one of the most dedicated group of folks I have ever seen in the industry. I could be cynical and say it was just because I was testing the software that they were so dedicated, but honestly the numbers just don't support such cynicism. We simply don't have a large enough user base for that to be true. So I feel they were doing it out of the commitment to the product and the customer. A number of times I had called it quits on AW because I didn't think it was going to be a good fit, but they worked with me and held my hand until I realized that it was a good fit and had a place in my organization. And more than that, they were going to help me make this MDM solution a success come hell or high-water. You don't find that often enough in IT companies.

Because of their dedication to product and customer, I never even made it to testing MaaS360.

So with the MDM solution secure, except for the ability to get network documents on the mobile devices, I decided to see if there as a piece of software dedicated to just that: putting data in network shares on mobile devices.

So after some investigation, I found MobileEcho by GroupLogic. Like AW, it also places a a few small files on the server (which I placed on the same server with the AW EIS software) and runs two services: one to index the files in the locations you want to share on the mobile device and the other to manage some extended permissions, handle wiping data, sending out enrolment notices, etc. All the management for the software, other than the indexing portion, is done through a simple but effective web interface.

Out of all the installations I have done and software I have implemented, I would have to say that this one of the simplest and easy to configure software packages I have ever seen. I had it up and running in about ten minutes. And the speed is incredible. Navigating the network shares on the mobile device is literally faster than doing it on the computer. I don't make this statement lightly: this software is amazing. The reaction from my test users were as follows:

"Wow!"

"Buy it."

"Holy S*%$"

"How can I get this on my PC?"

The only caveat to it, and this is really a matter of choice, is that we are not going to open it up on the firewall. So my end users will need to access it via VPN. That means there is an additional step or two they will need to do to get access to their data which they would not have needed to do using the AW SCL. But in the end, that's okay because the tradeoff is speed is well worth those couple of extra steps.

I am now working on getting a firm count on mobile devices and users and working out pricing. I think these two products are going to benefit my company enormously and increase our competitive edge in our market.

Monday
Mar042013

God has an interesting sense of humor sometimes...

I recently encountered a neighbor at a local supermarket.  She asked me if I had called the police on the neighbors next door.  I stated I hadn't and asked her why she was asking.  She stated the she had noticed a lot of odd activity next door with a lot of people coming and going at all hours of the day and night.  She spoke to the police about this activity.  She then informed me that (without going into too much detail) they were apparently recovering addicts.

Being a father of small children, I got very concerned.  I immediately went into hyper-protective mode.  I was going to get a CCTV system and put it up and monitor the house.  I was going to take some serious steps here.  I was going to call the landlord and ask her what she thought she was doing...renting to THOSE kind of people.  How dare she put my family at risk!

The whole while, a little voice kept chiding me not to judge even as I was ranting about the situation in front of my children.  I struggled with it because I was torn between wanting to protect my family and wanting to follow the words of Christ and withhold judgement.  Thankfully, between the little voice and the price tag of the CCTV systems I looked at, I decided to hold off until I learned a little more.  After all, all I had against them was the word of a neighbor.  And honestly, I every respect they had thus far been good neighbors. They were quite, they put up holiday decorations.  They even shoveled my sidewalk one day.

The very next day guess who shows up in our church...the same neighbors.

My wife and I couldn't believe it. What a poor example I was in front of our kids...trash talking the neighbors and the landlord.  All the while we had folks right next door looking for a church.  And instead of meeting them, getting to know them,  and asking them if they were interested in coming to church, we assumed the worst and hid ourselves away.

I cannot believe that this was a chance occurrence.

God has a interesting sense of humor...

Well played, God, well played....lesson learned.

Friday
Jan042013

The best thing since CTRL+C and CTRL+V

I learned about cut and paste way back when in Windows 3.1.  Its use was a lot less prevalent back then as apps seemed to be more compartmentalized back then.  But the cut and paste functionality was huge in it's power.  The ability to take data from one piece of software and move it en masse to another with two key strokes was a huge development and I feel it was one of the primary factors in the success of the personal PC.

That's why I still find it so amazing how many people still don't use this powerful and time saving feature more.  (Worst still is not using the alt-tab feature to scroll through windows versus closing them, which I still see people to all the time.  I have many end users that still won't use this feature despite my pointing it out and every opportunity.)

I didn't really think anything could beat the cut and paste feature, but there might be a contender...The Snipping Tool.  I recently learned about the snipping tool from a colleague.  It was in Windows Vista, Windows 7 and now in Windows 8.  (I am using it currently in Windows 7.  I never really used Windows Vista enough to find this feature for a number of reasons that are noted ad nauseum on the internet.)

Anyway, I have longe used the alt+prnt-scrn key and the ctrl+V key to copy and paste screen shots into emails, word documents, etc.  The downside to this was always that if I wanted to grab a particular part of a screen or window, I need to get the screen shot and then put it into some type of editing program like MS Paint and the clip the part I needed.  I have tried various screen shot programs, but none really seemed to do the job.

Thankfully those days are gone.  The Snipping tool allows you to clip just part of the screen you want and then paste it into whatever program you like (like word or Outlook email.)  The one downside however is that it doesn't have a nifty keyboard shortcut like cut and past or alt+tab.  But that is easily fixed.

1. Click "Start" and in the search box, type "Snipping Tool" in the search box.

 

2. On the Snipping Tool in the search results, right-click to bring up the context menu and select "Properties."

 

 

 

 

 

 

 

 

 

 

 

3.  In the Properties, in the Shortcut field, select a key to associate with the Snipping Tool.  I chose Z

because I can do it easily with the left hand and it is close to the CTRL+C and CTRL+V.  Once that is done you can easily bring up the snipping tool quickly and easily and it can make putting screen shots in documents and emails (and Evernote) very easy to do.

Hope you find this as useful and as big of a time saver as I did.

Wednesday
Jan022013

Denny's Diner

If you have ever watched "Diners. Drive-Ins and Dives" on the Food Network, then you will appreciate Denny's Diner in Wisconsin Dells, Wisconsin.  There are plenty of good restaurants in the Dells, to be sure, and plenty of familiar chains as well. I've been going to the Dells for years and the one place I somehow missed was Denny's Diner.  Perhaps it is the location (on the corner of of Rt. 12 and Rt. 23) that made me miss it, but boy have I been missing out. 

Denny's Diner (not to be confused with the national "Denny's" chain) is a hidden gem of a restaurant.  The decor is similar to a 50's diner, but with a hodge-podge of oddities thrown in.  From Beatles poster on the walls, to a Tasmanian devil hanging from the ceiling to a train going by overhead, it is hard to describe the wild menagerie of collectables found in the restaurant.

But that is just the beginning of the enjoyment at Denny's Diner.  We went for breakfast.  I had the Spanish omele (which could feed a small army), my wife had the Eggs Benedict, my oldest daughter the standard two eggs and bacon, and my youngest daughter the biscuits and gravy.  All were very good and well worth a return trip on their own.  But the hash browns, for me, were the star of the show.  I would go back just for those.  But my wife and youngest daughter liked the home-made cinnamon rolls the best.

Of course the toast on home-made bread was quite a treat.  Yes, that's right...home-made bread.

We wound up at Denny's Diner by chance this time.  On our next trip to the Dells, you can rest assured that our next visit to Denny's will be high on the itinerary of things to do while we are there.

Denny's Diner on Urbanspoon

Thursday
Dec132012

Google Toolbar in IE 9 not showing up.

Well, I finally am being forced to upgrade IE 8 on my work PC to IE 9.  I'm not a huge fan of IE anyway, but I don't hate it either.  It has its pros and cons.  But I definitely prefer the UI on IE8 to that of IE9.  Specifically I do not like the alert bar at the bottom nor the way downloads are handled in IE9.  But honestly at the end of the day that is just opinion and preference and has no real bearing on how "good" it is as an internet browser.

I know many people complain about security in IE and the slowness, but sometimes, since it is the de facto standard of browsers, it has to be used to get the job done.  I use five different browsers personally. In descending order of use they are Firefox, Safari, Internet Explorer, Chrome, and Atomic Web browser (on the iPad.)

So I made the switch and sure enough the one feature I insist on having in IE, Google Toolbar, won't install correctly.  Well, to be more precise, it installs just fine.  I just cannot see it.  I do the usual uninstall, reboot, reinstall to no avail.  I made sure the add-on was enabled, that I had the right version for my OS, etc.  Everything checked out, but still no toolbar.  And even more problematic, in the View>>Toolbars the Google Toolbar wasn't even showing up.

Then I started going through me settings and found that one of the settings on the Internet Options>>advanced>>browsing was disabled and causing me all my problems.  It was the one named "Allow third party Browser Extensions" and it was unchecked.  I checked it to enable add-ons, restarted the browser and, voilà, I had my toolbar once again.

Still not entirely happy about using IE9, but I am better now that I have my toolbar back.