! Four mistakes that can kill virtual machine performance

Hi,

From SeachVirtualization site, see below:

1: Virtual machine screensavers
Screensavers are an absolute requirement for desktops in the hallways of our brick-and-mortar offices. They ensure that a user who walks away from his computer returns to one that has been secured against prying eyes. Screensavers can also provide protection in data centers. If screensavers on servers activate and lock the console after a few minutes of inactivity, they can protect that environment from an intruder who gains physical access.

But screensavers are a quiet consumer of processor resources. No matter how insignificant that screensaver seems, the processor power required to draw the pipes crawling across the screen or to scroll your favorite company slogan consume a percentage points of overall processor power. While that might not seem like much, consolidated virtual environments might have 10 or 15 virtual machines (VMs) running on a single virtual host. These percentage points add up when they are multiplied by the number of VMs. Even worse, if your environment uses hosted desktops through a virtual desktop implementation, this practice likely costs even more.

So turn them off. Remember that many environments enforce screensavers through group policies, which may mean an exclusion from existing group and corporate security policies.

2: Managing from the console
As with screensavers, this practice is a big no-no in virtualized environments because of the level of resources required to create and maintain an instance of the Explorer shell. Just logging into a virtual machine is hard on that VM’s processor utilization. The process of creating a shell for the console can spike processor utilization during the login and logout process. Actually using any of the consoles on that server further consumes valuable resources. Logging in and accomplishing activity on your VMs’ desktops increases the amount of memory they consume.

Microsoft provides the Remote Systems Administration Toolkit, PowerShell and VBScript, as well as many other tools for efficient virtual machine management. All these lightweight tools require much less VM capacity than a traditional login. So use them, and avoid wasting processing power and memory like an amateur.

3: Antivirus and anti-malware scanning of VM disk files
Your corporate security policy might not allow for the exclusion of Virtual Hard Disk or Virtual Machine Disk Format (VMDK) files from antivirus and anti-malware scans. But be aware that the real-time scans of such products can substantially reduce the overall performance of these files — and, thus, their virtual machines. Since a VM’s processing is highly dependent on its disk subsystem, any extra activities that slow down that process slow it down as well.

That’s not to say that VM disk files shouldn’t be subject to security scanning. Scheduled scans of such files can ensure that they don’t get infected, without the processing overhead of real-time scans. Also, some of today’s more advanced scanning products are beginning to incorporate virtualization awareness to reduce their overall impact. If your security policy will allow it — or if you can bribe your security officer to look the other way — definitely consider excluding these files from your real-time scans.

4: Windows Server’s power options
At conferences around the country, I’ve encountered the final mistake repeatedly. The default power option of Windows Server 2008 upon installation is set to "Balanced." Of the three options available — Balanced, Power Saver and High-Performance — this is the second of the three in terms of overall system performance. You might save a few dollars on energy, but at the cost of wasting some of the server’s processing power. Resetting the radio button to the high-performance option has a noticeable effect on how well VMs will perform.

More information and source here.

Eduardo Petizme.com
Microsoft MVP – Most Valuable Professional
MCSA Security 2000 & 2003 | MCITP Server 2008
Blogs: http://blog.petizme.com ( USA | BRA )
Twitter: http://twitter.com/petizme

! ! URL Filtering Telemetry Package for TMG Beta3

Hi,

Last month the TMG Team announced that is available to download (public) the “URL Filtering Telemetry Package”.

”With Forefront TMG Beta3, we introduced URL filtering leveraging the Microsoft Reputation Service (MRS). As we approach the Forefront TMG release candidate and release to market, we are working to improve the coverage and accuracy of our URL filtering offering and fine-tune it to address the Web traffic you see in your business.

As part of this effort, the MRS team has recently completed a significant database update, merging URL categorization data from partners such as Marshal8e6 and BrightCloud. Those of you who have installed TMG Beta3 and enabled URL filtering will begin receiving the enhanced data in the next several days. URL filtering database coverage and accuracy enhancements will continue to take place on an ongoing basis. …”

“Once you install the telemetry package, you will be automatically opted-in to the Microsoft telemetry service with basic membership (unless you were already signed in with advanced membership). In the context of URL filtering, this means reports collected by Microsoft from you include:

  • Random URL samples. The URLs are truncated to avoid disclosure of personal information.
  • The local list of URL category overrides.
  • A few statistical counters such as the ratio of requests that MRS failed to categorize.
  • Globally unique identifiers (GUIDs) to uniquely identify a Forefront TMG server for statistical analysis. The GUIDs are randomly generated during installation and do not contain any personal information or customer identity information. ”

More information and source here.

Download: http://www.microsoft.com/downloads/details.aspx?FamilyID=f7e5907d-60ae-4f39-8660-9a959db5a6e6&displaylang=en

[]’s

Eduardo Petizme.com
Microsoft MVP – Most Valuable Professional
MCSA Security 2000 & 2003 | MCITP Server 2008
Blogs: http://blog.petizme.com ( USA | BRA )
Twitter: http://twitter.com/petizme