4 handy features in Windows 10

So what happened to Windows 9? I guess 7, ate, 9….. (insert cicada noises). Put that aside, let’s start fresh. Windows 10 preview is here. So what’s so special about Windows 10. Here are 4 handy features that I personally like from Windows 10.

  1. Revamped Start Menu
    Windows 10 Start Menu
    Here you can pin, unpin, resize, move, uninstall within the one menu. In my opinion, this is a key feature for people to adopt to the new OS. They’ve integrated “Metro Apps” with the regular Windows applications very well in this version.
  2. Task View (multiple workspaces)
    Windows 10 Task View
    This is pretty much Ubuntu’s workspaces with a Windows twist. Similar to the principle of tabbing in web browsers, task view allows you to separate different functions for when you use the computer. As an example, your first task/workspace may be used for emails and office applications only, your second task/workspace may have a line of business application running, and your third task/workspace can have your web browsing. Here you can manage your activities in different spaces.
  3. Home folder in Windows Explorer
    Windows 10 Home
    Now you have a home folder that has all your favourite folders as well as frequent folders that you access.
  4. Copy and paste in command prompt
    Windows 10 Copy and Paste
    My personal favourite. Copying and pasting in command prompt. Now you can press ctrl+C and ctrl+V to copy and paste into command prompt. None of this ^v business 🙂

We’ll get into the server/client bits and pieces in another post that is still to come 🙂

Intel NUC – Next Unit of Computing

Next Unit of Computing. A sweet, little device that packs a punch, uses minimal power and can fit it in the palm of your hand (note: requires pretty massive hands).

So what can you do with it? Thin client, test lab, HTPC, NAS, i.e. whatever you want to do with it.

What will I do with it? I have three uses: Day to day PC, HTPC and Steam Box.

Here are the specs for the little beast I bought:

  • Intel NUC Kit i5-4250U HD Graphics 5000 2.5in SATA PC
  • Intel Dual Band Wireless-AC 7260 802.11ac Wi-Fi + Bluetooth adapter (more on this here)
  • Kingston 8GB 1600MHz DDR3 CL11 SODIMM RAM KVR16LS118
  • Samsung 840 EVO mSATA 120GB SSD
NUC - Intel NUC Box

What will you make?

The guys and glory of the mighty NUC!

The guts and glory of the mighty NUC!

mSATA SSD for the win. It's as tiny as an SD card!

mSATA SSD for the win. It’s as tiny as an SD card!

NUC - Wireless and NUC

I’ll be preparing a guide on how to setup and configure the NUC and also give you an insight of how I’ll be using mine!

Subscribe on the right side of the page for up to date info!

Intel NUC – Install Wireless Card

Not sure if anyone else out there has had issues with the wireless card for the Intel NUC but I had some pretty frustrating moments with it. Bluetooth connectivity, wireless dropouts, minimal connectivity and so many other inkling bits and pieces.

There was a little hint in the product manual that made little to no sense to me. See below:

Why The Fuss?

Image 1

Here I am frantically looking for these two wires. Is it in the NUC, can’t find it. Was it in the wireless card packaging? Nope. Do I need to buy it??? Ok I may sound like a massive noob BUT I’m sure by posting this, one or two other people might find the following information useful.

It was in the NUC!!! The little ninja cables were there all along.

NUC - Wireless Wiring

Image 2

  1. Remove the lid of the NUC.
  2. On the side of where the wireless card slot is, there will be wires running underneath the board (Image 2).
  3. Pull out the wires, remove the sticky tape and plastic heads.
  4. NOW follow the instructions given to you in the manual (Image 1) and plug in the ends of the wiring to the wireless card.
  5. Download the latest drivers from the Intel site and enjoy wireless streaming from your little bundle of joy.

What do you plan on doing with yours?

 

WSUS – Throttle Bandwidth Utilisation

Just had an issue today where I approved WSUS updates for maintenance and came to the realisation that as soon as you approve new updates WSUS automatically begins to download them. Here I am trying to isolate why the browsing internet, reviewed the gateway, noted download traffic was massive from the WSUS server, logged on and noticed…. akamai.

WSUS - Akamai

 

Yep, I didn’t even realise (noob I know) but I’ve found a way to manage the downloads by WSUS (and other Microsoft services that are chucking a sneaky). BITS is a sneaky little service that most people may not even realise is affecting the performance of their internet use. Here’s an acrostic poem I prepared earlier:

Background
Intelligent
Transfer
Service

All we need to do is throttle the amount of bandwidth the service uses during a certain time frame.

  1. Open Group Policy Management
  2. Browse to Computer Configuration > Policies > Administrative Templates > Network > Background Intelligent Transfer Serice
  3. Double click Limit the maximum network bandwidth for BITS background transfers
    WSUS - BITS GPO
  4. Enable the settings and configure as per your requirements
    WSUS - BITS GPO Details
  5. Hit OK, associate the GPO to your WSUS server.
  6. If you want it to take effect immediately, logon to the WSUS server and run a gpupdate /force
  7. You’ll notice the bandwidth utilisation drop within seconds.

 

TL;DR: Configure GPO to throttle BITS utilisation and force update on WSUS server.

 

 

 

 

Batch script to determine 32 or 64 bit Windows Operating Systems and perform an action

I think that’s the longest title I’ve ever made! Anyway, if you’re like me and need to work on different Windows Operating Systems and would like to distinguish between architecture types when executing batch scripts, then you’ve come to the right place.

Check out the below script and use it to make your life easier:

@echo off
::Written by Samontech

SET Version=Unknown

wmic os get osarchitecture | FINDSTR /IL “32” > NUL
IF %ERRORLEVEL% EQU 0 SET Version=”32″

wmic os get osarchitecture | FINDSTR /IL “64” > NUL
IF %ERRORLEVEL% EQU 0 SET Version=”64″

ECHO The OS architecture of Windows found is %VERSION% bit

IF %VERSION% == “32” GOTO OLD
IF %VERSION% == “64” GOTO NEW
::If no versions are found go to UNKNOWN
GOTO UNKNOWN

:OLD
ECHO Execute script for 32 bit OS
***Insert awesome script work here!
GOTO FINISH

:NEW
ECHO Execute script for 64 bit OS
***Insert awesome script work here!
GOTO FINISH

:FINISH
ECHO Script executed successfully
GOTO END

:UNKNOWN
ECHO OS Architecture Unknown

:END

It’s very similar to my batch script which deletes temporary files on all Windows Operating systems, but, use your imagination and put it to use e.g. upgrading Adobe Reader, Adding Registry keys, the list goes on!

Fortigate: Configure High Availability

So this may not be necessary for most home users out there but for those that need a quick rundown on how to configure High Availability between Fortigates, I hope this helps:

Prerequisites:

  • All Fortigates need to have the same hardware configuration i.e. hard disk configuration, optional components installed, same model version.
  • All Fortigates need to have the same firmware build e.g. v5.0,build0271 (GA Patch 6)
  • All Fortigates need to be using the same operating mode e.g. NAT or Transparent
  • All Fortigates need be operating in the same VDOM mode
  • If all Fortigates are operating in multiple VDOM mode, have they all got the same VDOM configuration
  • All interfaces need to have a static IP address. If any interface is using DHCP you can’t configure HA
  • Fortigates that have an in built switch will not work. You will need to configure Interface Mode.

Boring stuff done, let’s get to work.

High level steps required to configure HA:

  1. Configure Fortigate units for HA operation individually and power off.
  2. Connect the Fortigates to the network
  3. Connect all interfaces (LAN, Heartbeat, Internet)
  4. Power on both Fortigate units
  5. Test!

Details Instructions

  1. Log onto the first Fortigate unit (FG1) and configure all your interface settings, policies, hostnames, VIPs, firewall addresses, routes etc.

    FG1# conf sys hostname
    FG1# conf sys interface
    FG1$ conf firewall policy
    etc

  2. Configure High Availability via CLI. Here is my standard setup but ensure you read the Fortigate manual for further clarification

    FG1# conf sys ha
    FG1# set mode a-a
    FG1# set group-name SAMHA
    FG1# set password Th!sIs@s3CurePa$$w0rd
    FG1# set hbdev “port2” 50 “port3” 50
    FG1# set session-pickup enable
    FG1# set override disable
    FG1# set priority 50
    FG1# set monitor “port1” “wan1”
    FG1# set pingserver-monitor-interface “port1”
    FG1# set pingserver-failover-threshold 1
    FG1# end

    Notes:
    – Set “hbdev”: this is the interface that you will connect to your second unit and monitors the heartbeat of the unit i.e. port2 on FG1 will be connected to port2 on FG2. The number after is the priority of that interface. It is recommended that you have at least 2 heartbeat interfaces configured.
    – Set “monitor”: this is the interface that the Fortigate will monitor. If there is a fail on this interface, the unit will failover to the second unit.
    – Set “priority”: this sets the priority of the cluster device. Whenever you change the device priority of a cluster unit, when a cluster negotiation occurs, the unit with the highest priority becomes the primary unit.

  3. Power off FG1
  4. Perform steps 1 to 3 on FG2. Power off FG2
  5. Connect all interfaces correctly, ensure switching is correct, and heartbeat Interfaces are connected.
  6. Power on both Fortigates at the same time.
  7. Log on to one of the units and identify which of them is the master Fortigate by entering

    FG1# get sys stat

    You should get output that looks like the below. You can see from the output that this unit is the master unit.

    FG1 # get sys stat
    Version: FortiGate-60D v5.0,build0271,140124 (GA Patch 6)
    Virus-DB: 19.00098(2013-09-01 11:46)
    Extended DB: 1.00000(2012-10-17 15:46)
    IPS-DB: 4.00385(2013-08-28 22:38)
    IPS-ETDB: 0.00000(2001-01-01 00:00)
    Serial-Number: FG60D3911452369
    Botnet DB: 1.00229(2013-09-01 11:39)
    BIOS version: 04000007
    Log hard disk: Available
    Internal Switch mode: interface
    Hostname: FG1
    Operation Mode: NAT
    Current virtual domain: root
    Max number of virtual domains: 10
    Virtual domains status: 1 in NAT mode, 0 in TP mode
    Virtual domain configuration: disable
    FIPS-CC mode: disable
    Current HA mode: a-a, master
    Branch point: 271
    Release Version Information: GA Patch 6
    System time: Mon Mar 15 16:19:18 1996

  8. Test failover using these tests as a bare minimum:
  9. – Power off a Fortigate unit
    – Unplug port1 (production network)
    – Unplug internet connection (wan1)
    – Unplug one of the two heartbeat interfaces

Go forth and ensure you can keep that 99.999999999% uptime 🙂

Fortigate: Configure Interface Mode

Some of the SMB Fortigate units will have default settings that are good for the everyday user. But what if there’s more to life then an in built switch? What if we want to configure, respect and treat all interfaces as their own?

For anyone that has a Fortigate unit and does not want to use the internal switch (factory default), here are quick steps to configure interface mode i.e. all ports are treated as individual interfaces and will need to be configured appropriately:

1. Delete DHCP server entries

FG123456# conf sys dhcp server
FG123456# delete 1
FG123456# end

2. Delete default firewall policy

FG123456# conf firewall policy
FG123456# delete 1
FG123456# end

3. Enable interface mode

FG123456# conf system global
FG123456# set internal-switch-mode interface
FG123456# end

Done and dusted. Now get that config up and ready!