How to offer a C++ Windows software as a service - azure

We (ISV) are currently planning to offer our software on a rental/subscription basis as a service.
It's a native Windows (C++ / .NET) B2B application.
Our software needs access to the file system (drives) on the customers computer and it also needs access to the network (e.g. be able to find other computers in the network).
We want to offer our customers a service where they do not have to bother themselves with setup/updates and always work with the newest version of our software. So we need a single point of maintenance.
In the first phase we do not expect a lot of our customers (let's say 20) to change to this model, so it would not be a problem to have to set them up and manage them manually, but in the long run a solution that allows an automated set/sign up process would be required.
What I found most promising was Citrix XenDesktop/XenApp with VM hosted Apps and personal vDisks, but it seems that the Citrix solution is not able to get access to the network on the client PC (I tried it with the trial in the Azure Marketplace). Also it seems to be high priced.
What would be other possible ways to meet these requirements?

Unless you can make some significant architectural changes to eliminate the need to access the local filesystem and and eliminate the need to do local network browsing, I would recommend focusing on optimizing your local installation and update process. And skip the virtualization/service idea "for now".
You can still go to subscription model with a locally installed application. Just require your application to "phone home" to check its licensing/subscription status on startup.

Related

Can Loadrunner with Amazon Load Generators test a site that is not publicly accessible?

I'm a web developer and completely new to Loadrunner suite.
Our client has already provided us with some Loadrunner actions, that I need to run them to test a site that is hosted on the company's intranet that I'm currently working.
The computer I'm using can not handle more than 7 vusers, therefore I was requested to use Amazon EC2 for load generators.
Before I request my company to be charged with Amazon services I need to know, would I be able to test our internal page from my computer exactly as I do with the load generator on my localhost, or the page that will be tested needs to be publicly accessible from the internet?
Any feedback will be appreciated. Thanks.
Please read carefully what James wrote. You said you are a web developer so the task that was given to you is roughly equivalent to "write a new DB access layer".
You didn't mention which protocol you are using but I will assume TruClient (based on the 7 vUsers per machine). I will also assume you are using the latest version of LoadRunner or at least something from the 12.6X family.
1) You already have a solution for AWS out of the box in the form of StormRunner (https://www.microfocus.com/en-us/products/stormrunner-load-agile-cloud-testing/overview). If you want to test if the solution works for you please request a couple of execution hours from the sales team and try it. If your company has a valid license for LoadRunner I don't think this will be an issue.
2) You have a simple integration into the controller application for EC2 and alike. In the controller go to Tools->Manage cloud accounts. If you run a small test the cost should not be too great I assume.
3) If you are a developer, we have a new offering called TruWeb which is a transport level protocol which should be more developer friendly. It will be able to run much more users per machine so you will be able to use it to test on EC2 micro machine (free tier). The caveat is that you will have to write some JavaScript code and not be able to reuse the actions given to you. You can download TruWeb from here - https://marketplace.microfocus.com/appdelivery/content/truweb and it comes with the LoadRunner installation out of the box since 12.58. If you need further assistance with TruWeb feel free to email us to - truweb_forum#microfocus.com
I hope this will give you some directions.
a) You need training. This is not a discipline that someone is socially promoted to and finds success
b) Expect that it will take at least six months to begin delivering value in this field, longer if you are not working with a mentor
c) This is a question of application communication architecture. Architecture is one of the foundation skills for a performance tester/engineer/architect.
d) It is not recommended that you use the controller as a load generator. It is not recommended that you use just one load generator. Both of which will cause your test to fail an audit from a more mature testing firm. Go with a minimum of three, two for primary load, one for a control set of a single virtual user of each type. Design your tests to allow for the examination of Control timing records compared to the global set to understand if you have an application issue or a load generator issue as part of your test design.
e) You will need to coordinate with your network team for two reasons. One, you may need to open outbound ports (covered in documentation) to allow your controller to communicate with your load generators. Two, you absolutely will have to coordinate a tunnel from the outside internet to your internal applications under test. Expect that security will be paramount only our requests and no other requests through the tunnel. There are many mechanisms to address this, from a custom HTTP header to certificates. Speak with your network security professionals for the setup and configuration which you will be able to implement.
The self paced training for loadrunner is available for download. It takes about three days to go through. This is the absolute minimum before you pick up this tool in anger. Ideally, you would go through training with a certified instructor and be paired with a mentor for a period. The length of time for the mentor is directly related to the number of foundation skills which you bring to the table.

Windows 10 universal app factory install

Other than delivering the windows 10 app in the Windows Store, is there any other way to deliver it?
The objective is that, when I turn on the laptop/device (out of the box experience), I want the Windows 10 app already factory installed, so the user does not have to "download" the app from the Windows Store.
Is there some "backdoor" that I can preload the windows 10 app while burning the windows 10 image to the laptop/device?
Thanks!
If you're creating the image that is applied to the machines at the factory you can include it when creating the image.
There are various types of apps and many types of licensing though.
Typically people ask for this type of thing as part of an enterprise deployment scenario. If that's what you're after then a provisioning solution once removed "from the box" is probably more appropriate. There are MDM and linked ActiveDirectory solutions for provisioning apps and device configuration. I suggest you start by looking for such.
Update
If not an enterprise scenario, how would you already have the apps on the machine when you take it out of the box? I think what you're really after is a way to set up the machine when you take it out of the box. For that I'd recommend chocolately as an easy way of getting a machine set up how you want it.
In terms of the types of apps you are installing there are different considerations for services, win32 apps and windows store apps. What you are installing and how you create an image can have different consequences.
There are many scenarios regarding licensing but consider an app that is licensed on a per machine basis. If you created an image for machines as they come from the factory (typically enterprises do this when buying a lot and want an easy way to have them preconfigured) then you can't put the same single use license on all machines.

Remote Attestation for Windows

I am building a distributed application in which the software is installed by my company on our customer's hardware. The customer can therefore tamper with the software. I would like to know if a technique exists so that when the software running on customer hardware make a web request to our central server (i.e. totally under our control), that we can validate that the request is coming from an untampered version of our software.
I believe that this is referred to as "remote attestation." Web searches about remote attestation return a variety of results, from "it is not possible" to "use the TPM". But I have not been able to find a simple to understand example of how to code this in Windows.
So, my question is: Is remote attestation possible in Windows, and if so, is there a working example that I can use as the basis for implementation?
Note: Remote attestation is sometimes achieved through "obscuration" techniques such as embedding a "shared secret" into the application and then obscuring it in various ways to try and ensure that an attacker cannot easily extract that shared secret through de-compiling etc. I am not interested in such techniques and am looking for something that provides real security not security through obscurity.
In order to attestate a system you need 2 things:
A chain of trust from a root of trust up to every executed code and
Means to interpret and verify the obtained measurements on your server.
When using Windows you have neither.
Currently not even Windows itself is aware of its sate. However, that improved in Windows 8. Now you have measurements of the boot loader and drivers at least. But nothing that extends to user code.

Creating a simple mobile agent system

I am looking to create a simple mobile agent system which will deal with 4 tasks, i.e 4 different mobile agents jobs: Database update, meeting scheduling, network services discovery and kernel update.
I have done my research and have seen different frameworks such as Aglet, Jade, agent builder etc. My question is which one should i use? Also i need to setup the base code for it to work, can someone point me to a site or help me to setup the basic functions of the mobile agent?
I've read about tahiti server for the Aglet model. I'm quite confused about how to set up the mobile agent system. Any help would be much appreciated.
I have also tried to it using RMI. I had created a method of type agent, but i couldn't pass it through remote method implementation. I was reading about tcp and udp socket programming. I was thinking may be it would be more fair to do it using socket programming. In this case, would this be called an agent? I was thinking about the server sending datagram packets to multiple clients.
You need to ask yourself why you want to use mobile agents at all. The notion of a mobile agent was popular in the agent research community in the early 90's, but fell out of favour because (i) it wasn't clear what problem it was solving, (ii) the capability to allow arbitrary code to migrate to a particular computer and execute with enough privileges to access local data and services is very open to abuse, and (iii) all of the claimed benefits of mobile agents can actually be achieved though web services (REST or otherwise) and open data formats such as RDF. Consequently, few, if any, mobile agent platforms have been properly maintained since the early experiments.
It also sounds as though you need to be clear which end-user problem you want to solve. Scheduling a meeting and updating my kernel are very different tasks - I'd be very uncomfortable with a program that claims do both. If your interest is in the automation of system maintenance tasks, such as DB tuning and kernel patching, on large networks you might want to look at the SmartFrog project, or read up on autonomic computing.
I use JADE and I agree with the first guy, agent systems usually take alot of overhead to going so if you can avoid it, please do. If however you choose to proceed choose a platform with alot of support and a big user group.
Jade has some neat features like a directory facilitator DF, which works like a yellow pages so other agents don't have to know what agents are running and what services are supplied they can simply inquire by the DF.
Also JADE ContractNetBehaviours help simplify communication.

Installshield, how to verify internet connection before installation?

I am using Installshield for the installation of a product.
I am attempting to find a way to verify an active internet connection before I continue with the installation of my product.
I checked all over, even the manual/help guides from the Installshield people.
I am setting "Program Features" through the Installation Designer->Setup Design->Program Feature(s), and figure if anyplace, it would be in here.
Has anyone worked on this before, and found a viable solution?
ps: I am also trying to find a way to check for minimum system requirements as well (NOT THE O.S. Version, just simple things such as minimum physical memory and minimum RAM)
Much Appreciated,
-Kyle
It's possible, but I wouldn't do it in an install, I would do it in the application as the state of the internet connection could change after the install is performed.
I'd also want to clearly understand why this is required before implementing it. For example I have no direct internet access ( by design ) where I do my software development for security purposes. If I couldn't install or run software because of that, I simply wouldn't buy the software.
Then there are security implications of software applications and installs phoning home and hence why I stay disconnected from the internet on certain machines.
That said, to test for an internet connection, you first have to define what that means. Perhaps you have a public web service that you want to invoke?

Resources