Unless you bring your own license and create your own operating system image, a WorkSpace is Windows Server 2008 R2 with the Windows Desktop Experience. This is for licensing reasons, since Microsoft has stringent limitations around the use of Windows 7 in a virtual environment. Windows 7 is only available on Microsoft's own Azure cloud for test and development. In order to bring your own license, you need a Microsoft Volume Licensing agreement with Software Assurance.Amazon has done a good job in configuring Server 2008 R2 as if it were Windows 7; after all, the core operating system is the same. In addition, Amazon told The Reg that "each WorkSpace is a full Windows VM," so there is no multi-user trickery going on under the covers.WorkSpaces ties in with several other AWS services. You can integrate with on-premises Active Directory via Amazon's Virtual Private Cloud combined with a VPN connection. There is also a WorkDocs Sync client which lets the user synchronize documents across two or more computers, including their WorkSpace. WorkDocs, once called Zocalo, is a document storage and collaboration service.

Support for Teradici's PCoIP zero clients was added in October 2014. This enables use of WorkSpaces from lightweight thin client devices such as those from HP or Dell/Wyse.
In April 2015, the AWS Marketplace for Desktop Apps opened, together with WorkSpaces Application Manager (WAM), offering virtualized applications that can be purchased on a monthly basis and deployed to WorkSpaces. The full WAM costs an additional $5.00 per month. Europe did not get WAM until December 2015.
Amazon exposed a public API for WorkSpaces in April 2015, for programmatic management.
CloudWatch, a service for monitoring AWS servers and setting up alerts, got WorkSpaces support in July 2015.
Optional encryption of WorkSpaces storage volumes was added in October 2015.
In January 2016, WorkSpaces added support for audio in (enabling headset use) and high-DPI screens.
You only ever discover the inadequacy of your system management, monitoring and diagnosis tools when something goes wrong and there's a gulf between what you want to do and what you need to do. Here are 10 things you can do to maximise your chances of diagnosing the problem when the brown stuff hits the ventilator.

• Battery for Fujitsu LifeBook E8310


• Battery for Fujitsu LifeBook E8210


• Battery for Fujitsu LifeBook E8110


• Battery for Fujitsu LifeBook E782


• Battery for Fujitsu LIFEBOOK E781


• Battery for Fujitsu LifeBook E751


• Battery for FUJITSU ESPRIMO Mobile V5545


• Battery for FUJITSU ESPRIMO Mobile V5535


• Battery for Amilo Pi 2550


• Battery for Amilo Pi 2540

The most important thing you can possibly do is have an authoritative time source and ensure all your infrastructure components set their clocks from it. If systems have different times on their internal clocks, whatever logs you have available will be almost impossible to collate either manually or using security information and event management (SIEM) tools. Note that I'm not saying that the clocks actually have to be right to the nearest nanosecond relative to GMT – just that they need to be identical to each other. But use an authoritative time source anyway, as having everything set to the right time is also useful. And just to reflect on that mention of GMT: have everything set to the same time zone regardless of where it is – again, it'll avoid you having to do mental addition and subtraction when the time comes.You need to be able to see who took what action, and when they did it. It's crucial, because who's to say they won't do it again? If the employees start to moan that Big Brother is watching them, tell them, as politely as you see fit, why you are doing this.I have come across relatively few problems in my time that were malicious and deliberate, but loads of instances where users did something wrong unwittingly – in which case I've been able to instruct or train them and/or clarify documentation. Also, remember that it's often not a person who was the last to touch something before it broke: it's often a script, and the audit log will give you a pointer that helps you find which one.

Logs take shedloads of disk space, and are a paradox: when all is well you want to turn it down to report only emergency problems, but if something breaks you want debug-level logs from ten minutes ago. Think hard about every log and set its level appropriately; use log rotation judiciously; and set aside plenty of disk space (it generally doesn't have to be super-fast disk) dedicated to logging so you don't kill your world by filling core volumes with logs.If you're using an enterprise-level server and you don't buy the out-of-band management module, you're a numpty. In my past life looking after a global enterprise's network my servers-and-storage peer and I would always ensure we had full out-of-band console control for all our kit, even to the extent of a dial-up modem connection into a terminal server and KVM unit to cater for WAN and VPN failures. It cost us probably a couple of thousand quid per site and it saved our bacon countless times.I've seen it so often: the out-of-hours guy gets called, can't fix the problem, escalates it to the second-line guy … and his privileges don't let him in with adequate permissions either to look at the problem or to fix it. Use role-based permissions and make sure the support teams have the right profiles – and test them frequently.

• Battery for Amilo Pi 2530


• Battery for Dell Latitude E6520


• Battery for Dell Latitude E6510


• Battery for Dell Latitude E6500


• Battery for Dell Latitude E6430


• Battery for DELL Latitude E6420-All


• Battery for Dell Latitude E6420


• Battery for DELL Latitude E6120-All


• Battery for DELL Latitude E5520-All

Current credentials
Which brings us onto currency of credentials. If you're the tenth on the call-out list you've probably not been called for months: then when the phone does ring you find your account on the system you're trying to fix has expired. Sometimes you'll be lucky and the system will say: “Your account has expired: click here to change your password”; sometimes you won't and it'll say: “Your account has expired: contact your system administrator”. Again, check your credentials regularly so you know they'll work when you need them.It's common to have the God-level password for core systems unknown to anyone. Sounds a bit daft, I know, but a good way to stay secure is: (a) write a ridiculously complex password on a piece of paper; (b) set the top-level password to that string; and (c) seal it in an envelope and lock it in a safe. If it's sufficiently complex and odd, the person who wrote it won't be able to remember it, which means you always have a last-ditch means of access. But make sure you have the right processes in place for rousing those who have access to the safe when you need the password.

To add a comment please login by clicking here