New candidates line up for 2004

Some folks dinged my patch-management column, commenting that Redmond doesn’t really release as much new code as all that. Well, I’m wondering where they were on Monday, June 14 — a busy night in Redmond — when the company unleashed release candidates of Windows XP SP2 (Service Pack 2) and of Virtual Server 2005. I’ve got this mental picture of Microsoft employees scurrying around like Keebler elves publishing release candidate after release candidate into the eager, cherubic faces of worldwide systems admins.

But if you’re anything like me, a release candidate doesn’t bring out much of the cherub in you. They’re good for testing, but I’ve learned the hard way that deploying one beyond the lab is simply asking for pain. But it certainly brings a solid patch-testing strategy into sharp relief.

Our first RC was the much anticipated Windows XP SP2. If you’re not deploying this in a test situation before running it out to clients, you’re loony and probably eat racquet balls for lunch. My guys stayed up late just to get the RC and plug it into some initial test scenarios. Our big worry is the new and “improved” ICF (Internet Connection Firewall ). The ICF will implement a number of rules by default, but it does allow more flexibility in this than its predecessor; mobile warriors, for example, will be able to turn it off on their corporate-facing Ethernet ports, while leaving it running on their Starbucks-facing wireless interfaces.

What’s got us, most other sys admins I know, and a good chunk of Microsoft worried is that Redmond has as much as admitted that ICF will have application conflicts. That means testing the little bugger with your entire suite of installed software is an absolute must. Good thing it’s only a release candidate.

The next release candidate may actually excite some sys admins more, but only those who haven’t already invested in VMware. Microsoft’s Virtual Server 2005 came out in RC form June 14, and it would have been a great way to test XP’s SP2 RC if I didn’t need my answers more quickly than that.

Virtual Server 2005 is aimed more at developers looking to do application testing or at production environments where IT is looking to migrate legacy data, but according to the spec sheets it should work acceptably for patch testing, too. And despite rumors that Microsoft was going to exclude any OS other than Windows from the VS 2005 compatibility list, the company has now announced that VS 2005 will support multiple OSes on a single hardware platform “including Linux and Unix-based operating systems.” Although exactly which distributions and versions is still a mite vague.

So we’re happily testing away at a bushel of new release clients, and I’ll certainly pass on any information my administrators learn in the wee hours of the caffeinated morning. Unfortunately, this means slowing down our testing of a Redmond tidbit with much more immediate impact that either of the above two RCs: the Exchange IMF (Intelligent Message Filter). If you’re not gleeful about the anti-spam capabilities built into Outlook 2003, then IMF is definitely something to check out.

It’s a free add-on, presently available only to those poor souls who purchased Exchange under Open License 6.0, but it packs a punch. Related to the SmartScreen Technology inherent in Outlook 2003, IMF resides on the server side and allows administrators a quick interface to root out and destroy spam traffic. Kludgy at the outset, IMF does settle down after a while, and, in conjunction with another spam bouncer at the edge, it can provide significant reductions in unwanted e-mail. We’re still working on volume figures, though.

Patch testing shouldn’t be considered only for security patch testing. While those updates require the fastest turnarounds in terms of testing time, every piece of add-on code, OS service pack, or feature pack coming out of Redmond (or anywhere else for that matter), should be tested just as vigorously. Especially release candidates, because they provide ample time to complete testing before the actual product ships. New feature are great, but better safe than sorry. Release candidates provide you the window to ensure that safety, so take advantage.