Articles by David Dupré

Innovation is one of our core values; innovation gave birth to commonIT and continues to influence how we approach the decisions we make every day to develop our business. So it there was no hesitation when we decided to partner with the Telecommunications department of INSA Lyon as a sponsor of its “Projets Innovants” (Innovative Projects) program.

Three of the four co-founders of commonIT are graduates of INSA Lyon, one of France’s leading graduate engineering schools. But sponsoring the Projets innovants program is about more than just giving something back to the old school. The program, run by Stéphane Frénot (tutor/researcher) et Hugues Benoit-Cattin (head of department), targets engineering students in the 4th year of their studies. The objective is to give the students the tools and methodologies to drive technological innovation, and includes a 6-month project. As a sponsor commonIT will meet regularly with the participants to deliver practical recommendations drawn from our own experience. CommonIT will also be sponsoring a prize for the three most innovative projects with an awards ceremony when the program draws to a close in June.

Microsoft’s staged launch of Windows 7 during the latter half of 2009 has left enterprise system and network admins facing a dilemna. Is now the right time to migrate? And what are the issues?

Given the widely acknowledged lack of enthusiasm for Vista in the corporate network, this means migrating from XP — and the default browser in XP, IE6. For Microsoft, there’s no problem. IE8, integrated with Windows 7, offers “a faster, easier, safer web” (compared, we presume, to IE6 and IE7). The problem in the enterprise is that many applications were (naively) optimised for IE6, and are dependent on certain Microsoft proprietary “enhancements”… which were subsequently dropped in IE7 and IE8 as Microsoft moved to improve compliance with W3C standards.

Will migrating the desktop to Windows 7 mean re-writing enterprise applications to ensure compatibility? Is it cost-effective? Can it even be done? And if we do go through with it, can we be sure we won’t be faced with another costly re-write the next time MS updates IE?

Complicating the situation for today’s CIO even further, compatibility is now about much more than just following Microsoft’s roadmap for Internet Explorer. Your users are chosing Firefox, Safari, or Google Chrome, with terminal devices become more and more diverse — user’s own PCs or laptops from home, mobile users running an unpredictable range of smartphones, netbooks and soon to arrive slate devices. As a system administrator, you no longer have the luxury of dictating the configuration of the end-point device. You’re expected to deliver a service irrespective of user choices of platform and browser. How many IT departments have the means to test and validate corporate web-based applications against multiple browsers running on multiple end-point devices?

Fortunately there’s a secure, cost-effective and future proof answer to the issues,. A solution which allows users running Windows 7 to access IE6 optimised applications and IE8, without the need to go through any sort of context switching or reconfiguration. The solution is Virtual Browser.

Virtual Browser allows you to migrate desktop PCs to Windows 7 while offering IE6 compatibility by virtualising the browser (IE6 — or any other industry standard browser), ensuring ongoing access to IE6-optimised applications, simultaneously with support for the most recent browser releases. In practice a fully optimised browser configuration (browser release, plugins, helper applications such as Flash and Java) is hosted by the Virtual Browser server and launched on demand for each user connection. Multi-browser support made easy — find out more from one of our customers here.

The new year starts with two media appearances for commonIT. The January 7th edition of 01Informatique, France’s leading weekly for IT professionals, dedicates (almost) a full page to commonIT — the founders, the first steps, the technology — by journalist Stéphane Bellec. Should you get your hands on a copy, commonIT is on page 20. Hard on the heels of the 01Informatique article I was interviewed for the 01Business show on French radio station BFM (Business FM) — 3 questions, 3 minutes. You can listen to the interview as a podcast here — skip to 42″40 (unless you’re also interested in the French market for e-learning solutions, the focus of the broadcast).

The latest release of Virtual Browser introduces several new features (like every new release — with thanks to Mathieu’s team!). One of these new features in particular adds a whole new dimension to the Virtual Browser solution. Virtual Browser now supports delivery of ICA and RDP remote desktop clients, alongside our already familiar browser support (IE, Firefox, Java, Flash, etc). With this release the end-user now has access not just to web-based applications but to any application which can be virtualised, as well as full-featured virtual desktops.

It’s worth taking a few minutes to understand where we’re going with this. Release 1.3 offers a single, secure, platform-independent client delivering installation-free end-user access to any web-based or virtualised application without the need to worry about (i) the configuration of the end-point device; (ii) the compatibility of end-point browser configuration and the target application/server; or (iii) the appropriate network configuration (VPN, etc) to access the remote application. The objective is to position the Virtual Browser solution as the universal client for access to cloud-based services.

The “Cloud” and “Cloud Computing” are still relatively new terms and there are varying definitions of what they comprise. For us, they cover the full set of web-enabled or virtualised applications, hosted in the enterprise (the private cloud) or by third-party service providers (SaaS). What we’re seeing today is enterprises migrating step-by-step to cloud computing models, with the infrastructure becoming decentralised — some of it moving to virtual environments (Citrix and others), some of it onto the Intranet, and some moving to the Internet, taking advantage of Cloud offerings vendors like Google, Salesforce.com and other SaaS providers.

In positioning Virtual Browser as the universal client for cloud access, we’re facilitating enterprise migration to cloud computing by resolving three key management issues:

1. Security: encrypted traffic between the VB client and server, strong authentication, and support for multiple isolated user environments: Internet, Enterprise (internal) applications, on-line (cloud, SaaS) services, on both enterprise (managed) end-points and non-managed end-point devices.
2. Single point of management and maintenance — configuration, updates, patching — of the client environment, on a centralised server environment, clustered for redundancy and scalability.
3. Platform independence and compatibility: No matter what type of device the end-user is using or where they connect from, the application sees the same browser, eliminating compatibility issues and facilitating application development and support.

CommonIT is growing fast. Less than a year after we opened for business, we’ve outgrown our original offices and so from today we’ve moved half a mile across Lyon to more spacious accommodation. Our new offices, at 22 Rue Constantine in Lyon’s 1st arondissement, are next door to the Museum of Fine Arts and a short walk across the Place des Terreaux from City Hall.

We’ll have space for our expanding team (currently 10 people), and the new offices also offer better facilities for meetings with customers and partners — and for our training sessions, the next of which takes place on December 17th (at the new address).

Visit the web site for full contact details.

In Sizing the Cloud; Understanding the Opportunities in Cloud Services (published in March 2009) analysts at Gartner, Inc. predict a global market for enterprise cloud services reaching $150.1 billion in 2013 – more than three times the size of today’s market of $46.4 billion. The cloud-based enterprise will be dependent on the internet to an extent way beyond the situation today, and information systems and applications will be utility services, like water or electricity — a click of the mouse to bring up the CRM software and shut it down, with the user paying for a metered service.

As far as I’m concerned this is a fantastic development which will allow businesses to focus on — well, what they do best, where they can add value. Information resources will be available on demand, like tapwater. Except that a packet of data is not like a drop of water; those data packets may be carrying business-critical data. The internet is a two-sided coin for the enterprise: one the one hand, on-demand access to flexible, massively scalable information resources ranging from basic hardware platforms to individualized services and applications software; on the other hand, the vector for increasingly intense efforts to penetrate enterprise information systems for criminal gain. In other words, the enterprise is in the process of migrating it’s information resources to the most stressful environment you can think of if you’ve ever had to think about information security.

If the Cloud Computing paradigm is to fulfill its promises, we urgently need to find ways of reducing the stress of internet dependency. We need to protect ourselves from the internet that threatens us, to get the full benefits of the internet that will make our business more agile, more responsive, which will allow us to evolve and progress. If we can’t make the internet “stress free” we’ll start seeing the (costly) development of parallel secure networks for enterprise applications.

If the best way to avoid internet attacks is not to connect to the internet, that’s clearly an unrealistic approach today. What we can do, however, is to segment different usages, isolating access to sensitive, business-critical data and applications from the potential threats. While building an entirely new network is probably a stretch too far, a more realistic solution, perfectly feasible today, is to isolate individual web applications by virtualizing access at the source, the browser itself. Enterprise end-users access sensitive business applications and data over the internet using secure tunnels carrying virtualized browser sessions. With the virtual browsers hosted in close proximity to the applications, data need never be exposed on the internet with this architecture. We can’t clean up the internet to make it entirely safe for your business critical data and applications, but by ensuring that critical systems and end-user browser sessions are protected from attack we can bring a “stress-free” internet experience several steps closer for the CIO.

Click here to watch the video

Housed in the historic 19th century Bourse (Stock Exchange) building in the heart of Lyon, the Chamber of Commerce and Industry (Lyon CCI) plays a key role in the development of France’s second biggest regional economy. The CCI consults with and lobbies government representatives and politicians at local, national and international levels to defend the interests of 58,000 businesses in and around Lyon. It supports the creation, acquisition, and development of member businesses.

The problem

Many of the applications developed for use internally at the CCI were developped for compatibility with version 6 of Microsoft’s Windows Internet Explorer (aka IE6). More recent applications, however, have been developed for compatibility with version 7. And as most web development pros know, an IE6-optimized application is highly likely to be incompatible with IE7 – and vice-versa.

So how could the IT services at the CCI reliably deliver access to older applications and more recent ones, given that it’s impossible to install both versions of IE on a single desktop?

Virtual Browser provides the solution

The Virtual Browser solution resolves the problem by integrating IE6 as the browsing environment in the users’ Virtual Browser session. The Virtual Browser session thus ensures full support for older, IE6-compatible applications while the desktop IE7 installation allows users to access more recently developed web applications.

Users are satisfied as they continue to use the older applications transparently while benefiting from the improved features of IE7 for newer applications. For the CCI, using Virtual Browser to deliver compatibility in a mixed environment means significant cost savings compared with upgrading or re-writing applications for IE7:

“There’s no doubt that the cost of developing and upgrading all our applications bears no comparison with the cost of rolling out Virtual Browser” says Albert Levigne, CIO – Lyon CCI.

Why choose Virtual Browser by commonIT?

The Lyon Chamber of Commerce and Industry chose Virtual Browser for:

• The ease of deployment of the Virtual Browser agent to 600 end-points.
• End-user performance and ease of use.
• The innovative approach which resolved the compatibility problem much more cost-effectively than a program of updating or redeveloping older applications for compatibility with the latest generation of browsers.

ECS, the European leader in IT infrastructure management with a turnover of €1.9bn, is holding its very first Partner Days on 1st and 2nd October at the Château Saint-Just near Paris, and commonIT has been invited to participate. The aim of the Partner Days, which will consist of a series of information and technical and sales training sessions, is to develop joint business opportunities by offering innovative, value-added technology solutions to clients of ECS and its partners.

The event will be attended by around 300 people from all over Europe. Representing ECS will be the Board of Directors, the Product Managers, the Sales and presales teams, technical support and Project Managers. An opportunity for us at commonIT to develop a tighter relationship with a valuable partner.

Does what, exactly? Why, winning the Monaco Grand Prix, of course! When commonIT heads for Monaco next month we won’t be trying to emulate Formula 1 drivers (though some of the team regret this) — but we’re going there to win.

From October 7th to 10th around a thousand of the most senior CSOs representing practically every major enterprise, ministry and government and local authority agency in France will be in Monaco for the ninth annual “Assises de la sécurité” get-together. As one of the sponsors of the event commonIT will man a stand for the three days of conferences and workshops, and deliver a 40 minute workshop on virtualisation and browser security. Through a partnership with the French edition of Global Security Mag all delegates will also receive a copy of a new white paper on enterprise web security developped by commonIT — the English version will be available shortly, watch this blog!

The three days of close interaction with high-level contacts from every sector of the French economy are a once-a-year opportunity to reach key decision makers, to spread the Virtual Browser message, to listen to their needs, and to detect new business opportunities. That’s why we’re sending a team of three people; commonIT will represented by Daniel, Albino and myself. Just like Jenson Button, we’re going there to win. But we’ll be driving a little more slowly.

The summer holiday period offered little rest for the information security specialist, with a series of browser and plugin vulnerabilities coming to light. Mathieu covered them here, here and here.

Then last week news broke that as many as 57,000 websites (a later report increases the estimate to 70,000) are contaminated with a malicious javascript. And we’re not talking about obscure pages on dubious, rarely visited websites in the outer reaches of the internet; a major New York hospital, medical charities, educational institutes, and a legal partnership all figure in the list of infected sites.

Back in the days when the floppy disk (for those who remember them) was the main method by which viruses were transmitted from one PC to the next, it was common for enterprise administrators to remove or disable the drives. Given today’s security risks, questions must be asked about the future of the internet in the enterprise. Should internet access simply be banned for end users? That’s clearly not the way forward. The web is a powerful communications tool, boosting productivity and competitivity. Added to which today’s users are not just internet-aware, they’re practically dependent on the web and will revolt against any restrictions on access.

So how can the enterprise deliver end-user internet access without leaving its own networks and systems susceptible to attack? With Virtual Browser “internet access” no longer means “connected to the internet.” The end-user’s PC doesn’t bounce from website to potentially risky website following the user’s mouse clicks. The user connects to a browser instance running as a virtual machine hosted in the secure environment of the datacenter. It is this hosted browser which connects to the internet. It’s as if, back in the days of the floppy, we could read and write to the disk without inserting into the drive — so that there was no risk of viruses infecting our PC.