Source code analysis tools: Evaluation criteria


Support for the programming languages you use. Some companies support mobile devices, while others concentrate on enterprise languages like Java, .Net, C, C++ and even Cobol.

Good bug-finding performance, using a proof of concept assessment. Hint: Use an older build of code you had issues with and see how well the product catches bugs you had to find manually. Look for both thoroughness and accuracy. Fewer false positives means less manual work.

Internal knowledge bases that provide descriptions of vulnerabilities and remediation information. Test for easy access and cross-referencing to discovered findings.

Tight integration with your development platforms. Long-term, you’ll likely want developers to incorporate security analysis into their daily routines.

A robust finding-suppression mechanism to prevent false positives from reoccurring once you’ve verified them as a non-issue.

Ability to easily define additional rules so the tool can enforce internal coding policies.

A centralized reporting component if you have a large team of developers and managers who want access to findings, trending and overview reporting.
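The proof-of-concept assessment in the criteria above can be scored mechanically. This is an added example, not part of the original article: it compares a candidate tool's findings on an older build against the bugs found manually and reports thoroughness (recall) and accuracy (precision). The file paths, CWE labels, line numbers and the three-line match tolerance are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Issue:
    path: str
    line: int
    cwe: str

# Constructed sample: bugs the team found manually in the older build.
KNOWN_BUGS = [
    Issue("src/login.c", 88, "CWE-120"),
    Issue("src/report.c", 412, "CWE-89"),
    Issue("src/upload.c", 57, "CWE-22"),
    Issue("src/session.c", 140, "CWE-416"),
]

# Constructed sample: what a candidate tool reported on that same build.
TOOL_FINDINGS = [
    Issue("src/login.c", 90, "CWE-120"),    # same bug, reported two lines later
    Issue("src/report.c", 412, "CWE-89"),
    Issue("src/util.c", 12, "CWE-476"),     # not in the known-bug list
    Issue("src/upload.c", 300, "CWE-22"),   # right CWE, wrong location
    Issue("src/session.c", 141, "CWE-416"),
]

def matches(bug, finding, tolerance=3):
    # Tools often flag the sink rather than the line a human recorded,
    # so allow a small line offset within the same file and weakness class.
    return (bug.path == finding.path and bug.cwe == finding.cwe
            and abs(bug.line - finding.line) <= tolerance)

def score(known, findings, tolerance=3):
    unmatched = list(findings)   # each finding may satisfy at most one bug
    caught, missed = [], []
    for bug in known:
        hit = next((f for f in unmatched if matches(bug, f, tolerance)), None)
        if hit is None:
            missed.append(bug)
        else:
            caught.append(bug)
            unmatched.remove(hit)
    return {
        "recall": len(caught) / len(known) if known else 0.0,
        "precision": len(caught) / len(findings) if findings else 0.0,
        "missed": missed,        # bugs the tool did not find
        "unmatched": unmatched,  # triage: false positives or new real bugs
    }
```

Unmatched findings still need manual triage before they are counted as false positives, since the tool may have found a real bug that the manual review missed.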



Windows 7 Deployment Best Practices

This week, I and my colleagues are at the IT Business Edge Midmarket CIO Summit, where we are focusing on the needs and concerns of CIOs in mid-sized businesses and government organizations. I’m doing the talk on Windows 7 deployment best practices and to prepare for that talk, I’ve interviewed around 10 companies that have either deployed Windows 7 or are in trials with it. In Don Tennant’s CIO panel last night, he asked how their trials were going and the CIOs who responded gave answers that are consistent with what I have found. The trials are going vastly better than expected and a high percentage of CIOs appear to be major fans of the offering. Given that I couldn’t find a single CIO that liked Windows Vista, this is certainly a dramatic change.

Let’s talk about what is going right and I’ll make recommendations at the end.

The Advantage of a Maintenance Release

Windows 7 is a Maintenance Release, and Maintenance Releases have historically been more reliable and vastly better liked by IT and users than the initial release of a new product. Windows 98, Windows XP and Windows 7 were all maintenance releases and generally were better received than Windows 95, Windows NT and Windows Vista. Windows 2000 and Windows ME were exceptions. Windows 2000 was a primary release but because of the massive testing for Y2K it actually went in reasonably well, and Windows ME should have been a second Maintenance Release but they made too many changes and didn’t do enough testing and it was horrid. As a result, Windows 2000 behaved more like a Maintenance Release and Windows ME a primary, almost a 1.0, release. The first was widely deployed; the second was avoided like the plague.

A Maintenance Release seems to work better because it focuses on tuning and user-interface simplification. The core aspects of the product remain largely unchanged from the prior service patched product. As a result, the Maintenance release is a vastly more mature product out of the gate. Windows 7, based on testing results, is behaving consistently well, like a Maintenance Release should.

Key Benefits

The review and deployment sites indicated they were seeing a number of strong benefits with Windows 7 over Windows XP. These benefits include much stronger IT control, which has resulted in better reliability for the product because there are fewer employee-driven problems. IT can better block unapproved activities and IT is better able to remotely correct mistakes that do get through.

CIOs appear to be using Windows 7 to significantly extend their PC use cycles for at least another three years and for up to 10 years total. They are seeing performance improvements and getting good installation results on hardware that is up to seven years old.

Security improvements, particularly for government sites, are one of the big reasons for moving to the product, and BitLocker is being used widely in the trials and deployments to protect company data. In addition, the protections against malware are making it much harder for employees to install malware, reducing breakage.

With the reduction or elimination of support for Windows XP, problems with that platform are now increasing and the quality of support for Windows 7 appears higher. This is consistent with Microsoft practice, as it tends to put its best support resources on the new platform and discontinue support for any platform that is two versions back. Sites are reporting almost no driver issues — they had been experiencing increasing driver problems with new hardware and Windows XP as core vendors stopped doing driver updates for XP some time ago.

One feature of Windows 7 that dovetailed very well with Windows Server 2008 is BranchCache, which companies were using successfully to improve remote office performance. At most of the sites I spoke with, Windows Server 2008 was being rolled out either before or concurrently with Windows 7.

Best Practices

The most compelling justification, from a financial standpoint, to rolling out Windows 7 this year is extending the life of existing hardware up to four additional years. Against the avoided hardware cost, the cost of the OS and deployment services appears trivial. Be aware, however, that system memory needs to be assured on any system built before 2008 because both Windows Vista and Windows 7 use memory heavily. If the memory is faulty or mismatched, intermittent and hard-to-diagnose failures will result. After 2008, the vendors put in practices that better tested system memory before shipment.

Big Bang deployments continue to work better because everyone is put on the same software platforms and support is better able to deal with any problems consistently. However, Windows 7 interoperates well with Windows XP and phased deployments remain the most common way these CIOs plan to roll out the offering.

Extended trials are showcasing few problems but also showing that the benefit of putting a contained group on Windows 7 for an extended period before deployment is worth the effort. Most sites are deploying to their own IT organizations first and then six or so months later, after all problems are fully understood and most mitigated, rolling out to the rest of the company.

Tools

There are a number of Microsoft tools that companies are recommending based on their experiences. Microsoft System Center Configuration Manager is being used heavily to properly provision reimaged PCs in large numbers. This tool, which was developed with extensive feedback from IT, has proven to be a huge help in terms of matching the PC configurations to the organizations and employees they have been deployed to.

The Microsoft Assessment and Planning Toolkit has formed the basis for early adopter installations and been one of the primary reasons so few applications have failed after deployment or stalled deployments. This tool goes to the core of why an impressive number of CIOs seem to like Windows 7.

The Microsoft Desktop Optimization Pack has helped early adopting organizations to move up to two-thirds of their desktop applications to servers and off the desktop itself. They are primarily using App-V.

Other Considerations

As companies begin to think about rolling out Windows 7, there are a number of other things that they are considering at the same time. Remote access is expensive and paying for multiple remote data plans is excessively expensive. As a result, they are revising WAN access policies and starting to favor plans and phones that allow tethering.

Some of the firms that are significantly trying to extend aging hardware cycles are looking at employee purchase and access to some corporate resources by employee-owned machines so that individuals who feel they need something newer can purchase the solution themselves.

In much the same fashion, firms are looking at PC alternatives and thinking of starting trials with tablets, smartphones or smartbooks to supplement their PC products.

Bundled bids are being considered, given that Windows Server 2008 is often deployed in the same window to both eliminate vendor complexity and get the strongest volume discounts for both the servers and desktops.

Recommended Considerations

Based on my experience, I suggest you consider some additional items. First, if you are eliminating a vendor, make sure there are no dependencies you don’t know about. One of the worst problems I ever ran into was when the CIO of a firm I was working for eliminated a vendor who also turned out to be our largest corporate customer. That was nearly a career-ending decision.

Look at monitors and interfaces if you are rolling out new hardware. DisplayPort is an increasing option but your existing monitors may not support it, and it isn’t yet universally used.

In looking back at my conversations with these early deployment and trial sites, a number of things occurred to me. One is that if ROI is used consistently for purchases like this, the competency in doing ROI analysis improves and the success rate with the CFO improves as well. This deployment is a huge opportunity to rethink what actually goes on the desktop and you can use it to reduce your desktop complexity and desktop operating costs significantly.

Vendors should be held to the results they share with you for ROI calculations and if the sold benefits don’t result, this should be taken into consideration for future business. So many deployments like this are managed tactically and often the results suffer.

Spend some time talking to similar firms who have already deployed Windows 7 or who are also in trials. Events like this CIO forum are a great place to meet folks like this.

Generally deployments like this work vastly better with new hardware and given the relatively low cost of that hardware, you may be better off with it rather than extending the life of the existing stuff. As vendors focused on cost containment several years ago, they designed for three-year life cycles. The chance of catastrophic hardware failure goes up sharply after three years as a result.

Particularly in the first half of the year, Microsoft is looking for early deployment sites and will make available resources for free that can substantially reduce your cost of deployment. In addition, because you will then be visible, it will tend to go to greater lengths to keep you happy. Firms have found that invaluable in the past.

Make sure you have enough system memory. Systems with less than 2 GB of memory are very slow and users will likely complain about the result. With a focus on putting applications and data on servers, consider low-capacity SSD drives over high-capacity magnetic drives. They are more reliable, dramatically faster, and help force the employee to put information on servers where it belongs.

Wrapping Up

It amazes me that I found no CIO who didn’t like Windows 7 and an impressive number that seemed to actually love it. Don’t be surprised that, after your testing and deployment, you actually think better of the platform and Microsoft as a result. That seems to be the outcome so far.

Article Source:

http://www.itbusinessedge.com/cm/blogs/enderle/windows-7-deployment-best-practices/?cs=40045&page=1