Remarks by Bill Veghte, senior vice president for Windows business, on technical advances in Windows 7, Windows Server 2008 R2, and Exchange 2010
Los Angeles, Calif.
May 11, 2009
ANNOUNCER: Ladies and gentlemen, please welcome senior vice president, Windows business, for the Microsoft Corporation, Bill Veghte. (Applause.)
BILL VEGHTE: All right, good morning. Good morning! Welcome to Tech•Ed 2009.
You know, it's amazing, we've been doing this show for 17 years, I've been at Microsoft for 19 years, and this is a show that I look forward to every year. And I look forward to it because not only is it our largest technical education conference, but we get to roll up our sleeves and really get into it, go through here's the innovations that we're bringing, here's what you're seeing in your businesses, and spend the week together comparing ideas.
As we pulled the Microsoft team together this year and talked about the feedback that you've given over the last couple of years, and what we need to do a super job, we've got over 7,000 people here, and I want to start by saying thank you. I want to say thank you for traveling amidst budget constraints or the swine flu.
And we took our responsibilities to make sure that this is a great conference for you very seriously. There's a couple pieces of feedback that came through again and again. One was let's get into the core content, let's maximize it around the breakout sessions, and let's make sure that you've got an opportunity to network and interact together.
I love the theme that we picked this year, because the potential does live in this room. You and I participate in a very fast changing, fast paced industry, and the work that we do together, whether you characterize it an economic context or a productivity context, has never been more important.
One of the things that I love to do as we get ready for a big event is not only I look at all the feedback that you've given us, myself and the Microsoft team, but I also like to shoot some video, because it lets us get to what's top of mind to you. And we kept running this video – I wanted everyone that was participating in the event to see it and sort of make sure they had it top of mind. I got so excited about it that I thought we'd play it all so that we're on the same – we'd play it together now and make sure we're on the same page, and the issues and the opportunities that we see. So, let's go ahead and roll that first video.
BILL VEGHTE: You guys rock. I mean, that's what you do. You're the everyday heroes. You're the everyday heroes. And what we get to do together over the next week is talk about the innovations that we're delivering, the innovations that you're delivering, and connect those dots.
Pour a swimming pool into a Dixie Cup, a swimming pool into a Dixie Cup. The mobile workforce that wants everything, but you don't get to cut slack, you don't get cut slack from a security or compliance perspective because of what they want out on the front lines.
The speed of change: That's what we get to talk about.
I spent a huge part of my life traveling around the world talking to business leaders, talking to CIOs, talking to many of you, and some of the themes, they're very consistent themes, but some of them in the current economic environment are different.
You know, I was trying to figure out what picture I should put up here. Is it whitewater rafting? But we're operating in turbulent times. We are. And I'm not an economist, I'm a technologist, so I can't tell you what the economic situation is going to be in six months. Well, actually the bad news is the economists can't tell you that either. But the one thing I do know is that technology will play an absolutely critical role in the growth that we experience globally, the growth that you experience in your businesses.
And the role that Microsoft has to play as we've talked about as a leadership team is we talked about, for example, this event or the R&D profile that we have over the next couple of years as a company, the couple things that I want to make sure you understand.
One is that we will continue to heavily invest in your development, heavily invest in your development. If there are things that we're missing, we want to know about it so that we can do a great job.
I'll give you two examples. We served up over a million training courses last year – over a million of them. I run the Windows business on the Windows side of it, and one of the pieces of feedback you were giving us is, look, I want deeper technical information on the Web; I want lectures, I want Q&A, I want conversations, and we started Springboard.
Right now on the Springboard series up on TechNet we've got over a million unique users going up and taking advantage of that content monthly.
So, we're going to continue to invest in you professionally, and so keep pushing us on that.
Driving value: Value is not only in the products we deliver but all the toolsets around it, whether it be the Application Compatibility Toolkit or deployment guides. So, push us where you're not seeing the things that you need, because that's something that we are absolutely committed to making sure happens.
But the final piece is innovation and the innovation that we do on our side to make sure that the potential can live in this room. And as a business leadership team across all the leaders at Microsoft, as the economic situation was hitting, we took a step back and we said, all right, what do we want to do, how do we think about our R&D profile and how much we spend or don't spend? Do we cut back, do we put the pedal down?
We will grow our R&D spend year over year this fiscal year, and we'll keep it at that level next year. So, the R&D investment that we're doing, our commitment to you is pedal down, because when we look across the things that you share and give us feedback around, you tell us that there are all sorts of great things that we can and should go do, and that is what we're going to go do.
I want to talk a little bit about Dynamic IT, because this is an orienting point for us in terms of what we do together. In 2002, I think it was, and then when I was here when we were launching Windows Server 2003 we talked about this. We talked about what it meant to be a dynamic datacenter. We talked about the importance of applications and dynamic applications to enable that.
And then we talked about the pendulum as this pendulum goes back and forth between what I'll call sort of centralized command and control through end-user centricity, and that that pendulum swings back toward the end user.
We talked about the fact that complexity and agility were a critical issue that we have to do a great job around.
We talked about the management and the control and amplifying the impact. And in this journey it's fun to stand up here six years into that journey, and talk about things like management or security.
We were sitting here last night, and we were looking at the slides, and, man, it's amazing to think – and I want to thank all of you for the journey and the partnership that we've had on security and management.
I look at our product portfolio today that we've built together, whether it be Windows Server or IE or Windows 7 or Forefront or System Center, you've got a great set of management and security tools. And I look at security and management as something that based on the partnership and feedback is a real asset for us. Does it mean that we absolutely have to continue to improve, but we've come so far – so, so far.
As you go through this session ,though, and as you go through this week together, there are a couple things that I want to call out and watch for as we go through this. One is how we're applying virtualization across a variety of our assets, applying it whether that be on the server or on the desktop, whether it be in the services or in the core underlying platform.
The second piece is – and I think as you are on your journey as an IT professional, and we talked about it in that video, highlighted it so eloquently as the speed of change. One of the questions that you and I will face together is when do you run something in your datacenter, and when do you run something in the cloud, and how do you think about that? What's the tradeoff in costs, what's the tradeoff in SLA?
And I want to make sure you understand that across our different assets we're making sure that you have that flexibility. My personal opinion is that when you and I are having this conversation a couple of years from now, it will not be an "or," you will look at it in your business context and you will say it as an "and."
But the amount of R&D investment and how we're approaching it, make sure whether it be in a platform service like authentication or a more experiential service like communication and collaboration with SharePoint and Exchange, whether it be in the back-end with Windows Server and Windows Azure or in the front-end with things like Outlook and Windows Live, that you've got a menu from which you can pick and choose from.
And so you're starting to see that, and you'll see that through the sessions here this week, thinking about how you have that range and that flexibility, depending on what SLA and what business needs you have. But that's a key theme for us. And we will do that in a business context, as well as an end-user context, and we will do that through our datacenters, as well as through partner datacenters.
The next piece that I want to emphasize with you is this whole construct of anywhere-access and user-centricity. It's something that in the two decades that I've been a part of the Windows business and Windows platform it's a huge pressure point that we both feel. And whether as you evaluate and look at the work, for example, that has happened between Windows Server 2008 R2 and Windows 7, are we providing the right tools for you so that they have greater access to the experiences and services that they depend on in an IT managed corporate network, but also not give up on security, control, compliance, et cetera.
And you'll look at it, you'll look at it in Windows, you'll look at it in Internet Explorer, but that's a key theme that as I see you and the roles that you play where you see pressure in the things that we have to do, those would be the sort of three call-outs.
There's one other thing that is sort of a personal passion point for me, and you can see this – actually I want to go back here – you can see it across the full range of products, but I want to home in on two here just for a second.
One of the things that I see a lot of is the amount of data that your businesses are generating continues to explode, the amount of data whether you're in retail or manufacturing, whether you have a big Web presence or whether you don't.
And I'm pleased to announce this morning right now that we will have a technical preview of SQL 2008 R2 in H2, and as you go through and you look at the stuff this week, one of my favorite things about that is the work that we've done on complex event processing. And this is an age-old challenge where you've got a relatively constant stream of data, it's monstrous, and your agility to be able to pattern match within that data is a huge opportunity.
I'll use an example we've got a Microsoft. Within the MSN adCenter – within the MSN adCenter we have the opportunity to process about a half a billion events, Web events a day. Half a billion events a day. It's a constant stream. You either consume it or you don't.
And our ability to consume that and pattern match in terms of how people are searching, what ad inventory is optimized, what people are interested in, and is the difference between – is literally – literally a double-digit swing in user interaction and a double-digit swing as a result in ad revenue.
And when you think about that huge half a billion unit set of data, the faster and more agile I can react to it, the better off we are.
So, as you look at SQL 2008 R2, take a look at that in particular, we're pretty excited about it, but also now couple that with Office, Office 2010, and the other challenge that you and I have both had is that when you look at your budgets and some of the challenges, I'm not a great queryer of SQL. I use Excel an enormous amount. And there's a bunch of data I want to look at, but I've got to go through all sorts of hoops and hurdles to get the data out of SQL and into Excel and do the things I want to do. So, there's a great set of work that the two teams have done around that.
This is sort of a coming out for us on Office 2010. You'll see some sneaks of it in demo here in a second, but take a look at that. It's a very exciting release for us.
And I'm pleased to announce this morning that the technical preview for Office 10 will be available in July. It's an invitation-only technical preview, and you all will have first dibs on those invitations. Very, very exciting for us, and we look forward to your feedback, and we look forward to delivering a great solution and platform for you with Office 2010.
But the rest of the time I want to spend, and I want to drill in on Windows 7 and Windows Server 2008 R2, and Exchange 2010, because these are three critical products for us. It's a very exciting time in terms of where we are in the product cycle. And I think they fundamentally move us, our important milestones on moving us forward in that journey towards Dynamic IT.
To do that though, as much as I want to dive into the product, I want to just do demos, I think it's important when you invest in us, you're investing not only on the investments we make, but you're investing in engineering process.
And one of the things that myself and the rest of the Windows leadership team have done over the last three years is really do a significant revamping of our engineering process around Windows.
So, I wanted to share that with you, I want to run just a quick video clip so you can get some of the energy and enthusiasm on the dev team side, and then we'll talk about some of the key changes that we've made as a result. So, can we roll that second video?
BILL VEGHTE: Just a quick show of hands: How many of you have run the beta, are running the beta, or are running RC? Thank you. Because that video – that video is that's you as well. You're a critical, critical part of our engineering process.
And as we took a step back on the things that we needed to do a super job, we needed to do a better job of listening and learning, making sure that we had the right telemetry in the product so that we could listen and learn, so that for all of you that raised your hand, participated in the beta, and all of you that didn't raise your hand, please participate in the release candidate, give us your feedback, give us your telemetry data. It's so helpful for us. Just from beta to release candidate we were able to log over 10 million device installs – 10 million device installs.
When I started on the Windows business and the engineering organization, we'd have all these debates. It was decibels as opposed to data in the arguments in what we're doing. We don't have a decibels conversation anymore; it's just data, what's coming in out of the telemetry.
So, listening and learning, and with that listening and learning it's not only about a specific feature, a specific capability, but it's about the fundamentals, it's about performance, it's about reliability, it's about security.
We understand that we're only part of the solution. You as developers and IT pros are the second part of the solution. And that's why I get so excited about Tech•Ed.
But the other thing that particularly in this last OS cycle that you gave us a lot of feedback on is make sure as you approach this release, make sure that it's not only us pushing because it provides greater security or manageability, but make sure it's got a set of things that really excite the end user so we get that push and pull. Because the most successful OS release, and you've been around the block with us over the years, is one where you've got the combination of those. And I think as we look at the early feedback that we're seeing out of Windows 7, we've got a great opportunity around that.
Planning and predictability: I want to be very, very planful. We've spent more time in the upfront planning of this release than we've had in a long, long time. But then you're seeing us very predictably just knock off those milestones, developer release, platform complete, beta, feature complete, release candidate. Release candidate, we're so confident in the release candidate relative to where we are, we kicked off logo testing. We said we will test and certify with the release candidate.
But the other piece of feedback that you and I both know is we need to make sure the ecosystem is really, really ready. And this is something that we spent huge, huge cycles on, and is something that at a personal level it is one of the three biggest things where I've been putting a lot of time around making sure that we've got the right quality milestones, and then we have an ongoing dialogue. There should be no surprises where we're at, and how they can take advantage of it.
And there's a couple things that are very – that it's just great to be able to share with you.
At the release candidate we had over 10,000 commercial companies – this is hardware and software – 10,000 companies participating and developing on Windows 7 and committing their support – 10,000.
Just to put 10,000, that's a number that you generally would see at general availability of the OS or on a really good cycle at Released to Manufacturing. We have 10,000 at the release candidate.
I look and I see, OK, there's some skeptical faces like, all right, well, tell me about graphics drivers. I got a smile out of you, graphics drivers, that's been a challenge for us in some of these release cycles.
I'll tell you what, we've had a half dozen successful submissions for the logo since we released the release candidate, and the first two, the first two were graphics drivers, and they both passed. We've got two graphics drivers already. This is at release candidate, not at RTM and not GA.
So, obviously as you move from release candidate to Released to Manufacturing, the participation of the ecosystem to make sure that we don't have any showstoppers, you sort of push the release candidate out and say, all right, where are we at, because we think we are very, very, very close.
But there's one other thing that I wanted to just hit on, which I'm excited about to announce to you this morning, is when you think about our journey on Windows, one of the core partners for us in this entire journey over the years has been Intel, and Intel has been a critical partner with us in the development of Windows 7.
And during the planning phase we talked as two great companies, talked about what we could do together. And there were two things that we saw as great opportunities for engineering collaboration. One is around power management, power management in what they do across their cores and across their chipsets, and what we do in the OS. And the work that we've done across Windows 7 and Nehalem, the Nehalem lineup, I think you'll be very, very, very excited about.
The second thing that we're excited to announce in terms of the cooperation and the work that's been done is around hyper-threading. And obviously the work that Intel has done around hyper-threading across a multi-core system is absolutely critical for you. And so the work that we've done in Windows 7 in the scheduler and in the core of the system to take full advantage of those capabilities, ultimately we think together we can deliver a great and better experience for you.
So, ecosystem and the readiness around it has been super, super critical, and that's something as you think about our engineering process and our approach I want to make sure you understand we've heard your feedback, we're listening, and we're really, really going after it relative to the setup of this Windows 7 release.
I want to talk quickly about the release itself, and then I want to jump into some demos.
You know the classic tensions: quantity or quality, brains or brawns, tastes great, less filling. But the age-old tension that you and I feel every single day is flexibility versus control, flexibility to the end user versus security and management, flexibility versus real costs long term.
And there were sort of three areas that we really homed in on in Windows 7 to go after where you and I face the biggest tensions in flexibility and control here in 2009 and forward.
The first is around the users and their expectations about being able to connect from anywhere with a wide variety of devices, and have that full experience.
As you go through this week, I want you to really take a look at the opportunities and the work that we've done with Direct Access. When I demo to our internal audiences, because we haven't really been doing a lot of external demos on it yet. With the release candidate, we'll start going much broader, but it is the single most popular demo for our mobile professionals because it gives them full corporate access.
Branch cache. The premise here – you spend a lot of money on connectivity into those branch offices. In this room, there are probably 100,000 branches offices that you represent. They might one or two computers, or they might be 40 or 50, but the work that we've done there – and then search federation, because a lot of finding of anytime access is just being able to find the darn data.
So how do I make my users more productive anywhere? How do I continue to enable data protection and compliance? And so the work here, take a look at the BitLocker To Go work. Mark Russinovich is going to give a great demo here of the AppLocker work, and we've got breakout sessions there.
And then making sure we're continuing to improve on the fundamental security of the platform. One – at least in the conversations with you that I don't see as much or I don't get as many questions from you as I would think – is around the work that we've done in Internet Explorer 7 and in Internet Explorer 8. You gave us a lot of good feedback on how we need to do a better job in terms of control and then the underlying security of the IE platform.
And with Internet Explorer 7, we were the first to introduce things like anti-phishing filters, malware protection. We've taken that and taken it up a level, again, with Internet Explorer 8, with things like click-jacking protection, things like cross-site scripting protection. And so as you think about that underlying security of the platform, not only do you have those capabilities, but you have over 1500 group policies that you can set on your browser. We've heard your feedback, and I think that is a real – relative to anything else in the marketplace – way ahead.
The final area is continuing to simplify desktop management and all of the complexity around that. This was actually the hardest slide for me to build because I wanted to put like 50 things in the list down below. And the PowerPoint guide said, no, four is visually the only way. So as you do the breakouts, you'll see a lot more in here. But providing more automation and richer scripting with Power Shell, all the way over to the other side, the enhancements we've done on VDI so that you've got multi-mon, local printer support, better multimedia support, et cetera. So a lot in those buckets.
And those three areas are great, but I also hear the feedback, and we hear the feedback loud and clear that all those bells and whistles are nice, but that's not enough. In fact, the most important thing is the underlying reliability and performance of the platform. And I encourage you, while it is still only a release candidate, I encourage you to experience Windows 7 and I encourage you to take a look at the performance attributes of that as compared to Vista and even compared to XP and look at the memory footprint and look at how snappy it is.
We're not done, obviously, but it's been actually very exciting and very humbling to see all the great feedback from the beta testers around the performance and reliability of the platform.
The other thing is when you look at this slide, I just want to do a quick call-out on because I do get questions from you regularly on it is we'll continue to deliver in the OS cycles that you know, Windows 7, et cetera, but I'm going to use the Microsoft Desktop Optimization Pack as a way of continuing to deliver ongoing value to you even if it's not in the full OS cycle.
So as you think about our value proposition and the innovations that we're delivering to you, make sure you factor and think about the innovations that we've got in the Microsoft Desktop Optimization Pack because things like the App-V and MEDV work is, for some of you, a very, very exciting and important value for your to manage those desktops and optimize them.
So let's do a demo. Let's get into it and take a look at the product. And the way we're going to do the demos – actually, the way we want to do this is get off of PowerPoint as much as possible and live in the demos.
I'm going to run through, for the next couple minutes, and I'm going to talk about some of the end user side of it, and then I'm going to hand it off to Mark Russinovich, and Mark is going to come up and talk about some of the IT pro capabilities that I was just highlighting. And then Ian is going to come up and talk about and demo some of the work on the Windows Server R2 side and with Exchange.
OK. So as you look at Windows Vista, the first thing – excuse me, Windows 7 – the first thing you look at is actually it's pretty familiar. You look down here and you've got the start button and you've got the task bar, and that's important. The familiarity of this and the approachability was something that was important to us. But then as I start interacting with it, and I'm just interacting with the task bar, and I go down here and I'm getting these previews. Why? Listening and learning, you all have – gosh, you probably have 15, 20, 30 windows open at any given time. The average user has between five and 15 windows open in any given Windows sessions and the ability to preview them is very helpful for them.
Now, these previews are rich. As I go up here and I hover over, I've got the ability to preview, I've got the ability in this case to close that tab and interact very naturally with it.
The next thing we talk about is the task bar down here. The task bar, it's rich space that you can personalize. If I go up here and I bring Excel down, because I like Excel, I can just pin it to the task bar, drag it, and drop it there. If I want to reorganize it, I can just move it over.
The next thing that has gotten a lot of positive feedback from beta testers is this concept of jump lists. Here I am in Excel. I right mouse-click on it. And instead of having to bring the spreadsheet up and then bring up Excel and then bring up my most recently used list, I'll just go ahead and click up here and I've got that Excel file right there.
Now, you'll notice that these context menus or these jump lists will get very rich over time as applications start to take advantage of it. In this case, in Windows Live Messenger, it's got tasks, it's got availability. You go in here in Media Player and it's got 10 play lists or most frequently used. This is one of my favorites. I spent a lot of time in Outlook. This is a quick sneak peek into Office 2010. As you go in here, you've got the tasks that I do all the time, I can do it right from the jump list. So right to the folders and away I go.
The next thing that I want to show is you and I know you've got – well, for years and years, PC run rate, and I'll just use U.S. numbers, PC run rate was you had about 30-35 percent of the run rate was portable. We are blowing through 50 percent of the run rate on our way to 60-65 percent of the run rate is portable. But you have more and more windows open. Tab browser, instant messaging, et cetera.
And you go over here, and so you spend a lot of time rearranging windows. In this case, I've got my Excel spreadsheet and my PowerPoint, you know, and I'd go over here, I'd start resizing the thing and 20 mouse clicks later I'm set. In Windows 7, you just simply drag it to the left and you snap it, you drag it to the left and you snap it just like that. If I want to get back to the desktop, check out the LA traffic, I go down here to this little peek button, minimize all, bring it back up.
If I go over here and I want to get rid of all this other stuff, I just shake it away, shake it to bring it back, let's shake it away to get rid of it. And you'll see sort of the smoothness and fit and finish. One of the other things that I personally love is I'm sending a lot of PowerPoint presentations. If I go in here, I go into my jump list. Let's say I take this meeting thing and I drag it over here and I just drag it on top of my inbox, boom, that mail comes right up just like that.
So that's sort of a quick preview into some of the things on the user side. Let me go over here. I want to now talk about Direct Access just so you can sort of get a demo of this and see how it works.
So the canonical example is I'm in Outlook, I'm cranking through mail, and then I've got to approve an expense report or I want to look at some content up on the corporate network. And then I've got to VPN in. And, you know, I'll VPN in, but it's a long, laborious process.
So through Direct Access, if you go down here, you'll see MSSDI Net, that's the connection that you and I have here at the convention center. So there's no smoke and mirrors on that. But I'll go up here, and this is the SharePoint site for what we call our BOM, or Bill of Order of Materials for Windows 7 on the commercial side.
So I'll go up here, it's going to go across, and it's going to connect. Now I'm on the Microsoft corporate network just like that. As you go through, this is just a good IP-6 application implementation. It does rely on Windows Server 2008 R2, but a very, very wonderful productivity thing for the end users.
The next thing I want to talk about quickly is branch caching. Think about your businesses for a minute and think about the number of branch offices you have directly or indirectly and how much money you're spending around both bandwidth and then solutions for branch office. And we built those solutions into Windows 7 and into Windows Server.
So I'll go across here. And if I go over to this machine, imagine this is a machine, I'm coming to the branch office, I'm the first person in the morning. And you know this fire drill. They bring it up, they wait and they wait and they wait for the bitmap, and then it finally comes up. And then they say, "OK, I've got to get this sales order form." So they bring that up, they save it to their desktop, and they go ahead and they save. And they sit here and they wait and they wait and they wait and then they start getting annoyed.
And then depending on how well they know you or whatever, they start telling you that the network is slow and they're not a happy customer. And you know how that goes. So what we've done in Windows Server 2008 R2 and in Windows 7 is building branch cache capabilities in and you can do this both from the server side or from just in a peer-to-peer environment as well.
So now if I go over and I go back, imagine that I'm now going to a second machine. So this is – now I'm switching over. I've got another machine. I'm the next person in the office, and now I've cached it. So I'll go ahead and I'll bring this up and I'll bring that up. And you'll notice how quickly that bitmap comes up and where you can really see it – let's go ahead and save that order form to the desktop because it's cached and it's going across this other machine just like that. Very, very quick and very, very easy.
The last piece of anywhere access that, frankly, I think sometimes you and I forget, but it's an important one when we watch how people were spending time and where the mouse clicks were is this whole concept of you've got all the darn information on the Internet or in your corporate network, but it's very difficult for them to find it. And the feedback that you gave us is actually you really liked the desktop search, you gave us great feedback about that.
And so, you know, wherever I am, if I go in here, and I can search across – you know, if I type in here and I type in "orion" you know, I can search across and find it. But I want to be able to go across the corporate network and I want to be able to go across – and I particularly want to be able to write search profiles and I want to be able to look across SharePoint. And that's exactly what we've done.
So if I go in here and I do Contoso search and I look there, now, you can see I'm in SharePoint here and I've got all of the rich capabilities for previewing. I go ahead and I can drag and drop and here's another scope just so you can see it. Click Orion here and you can see that, and of course I can drag it to my desktop just like that.
Now, for you, this implementation just uses the open search protocol, and this is just a simple little XML file that you can create and push down onto the desktop and of course your users can as well. But it was amazing to me – and you look at these studies, you can see that IDC just released a study about 11 months ago, the amount of time that people spend searching for stuff, the information that's on your corporate network, that's one of our biggest impediments. And even worse, they can't find it, so then they send an e-mail or call a buddy up to find it. So you've got a huge time suck on that.
The last thing that I wanted to demo for you quickly here is I wanted to demo BitLocker To Go and just give you a sense of it.
So great feedback for you, and thank you for the feedback on BitLocker. You were very enthusiastic about it. You said but, you know, OK, great. Hundreds of thousands of laptops are lost every year or stolen, but these things – what is it, 10 billion in circulation by the end of the year? And you and I don't get any flack if the information goes out the door and people lose the USB stick.
Many of you probably saw the painful incidents that happened in the UK recently where a contractor inadvertently dropped one of these USB keys in the parking lot of a pub and it contained 12 million taxpayer records. And let's just say that was an uncomfortable incident for all parties.
So what we've done in Windows 7 is if I just go ahead and I plug in this USB stick, and I go ahead over here and let's go ahead and we're going to open the file. And if I go ahead and I drag it in and I copy it – oh, it's write-protected. So there's a set of policies around this setup to make it very simple and easy for you to configure that and protect the data that's on the USB stick.
That gives you a quick spin through the end user stuff, but I actually want to make sure you get a good sense of all the IT pro capabilities. And to do that, I want to invite Mark Russinovich out on stage. Mark, as you know, is a technical fellow for us. He's been a great partner and champion through the entire Windows 7 development process. Please join me in welcoming Mark Russinovich. Mark, welcome. (Music, applause.)
MARK RUSSINOVICH: Thank you. Morning everybody. This is very exciting for me because I've spoken at Tech•Ed since 2001. It's my favorite conference. And I've been at Microsoft for three years now, which means I've been super excited a lot of times in those last three years, but this is really special. So I've come up with a new term I want to share with you.
I'm really passionate about virtualization, as you know, so I'm going to try this one out on you, and let me know what you think. Hopefully we can thread it – I'm hyper-excited to be here this morning. OK, not so good? Super-excited then? All right.
So what Bill just showed you was BitLocker and the fact that BitLocker required him to – group policy required him to encrypt that key before he could copy data onto it. And just like all the features that we design into Windows, we want to make sure that they're configurable and controllable by you to provide the behavior that you exactly require, BitLocker being no exception.
I'm going to switch back over to the IT machine and show you some of those BitLocker group policy settings. We'll show you how configurable it is. For example, we can require that smart cards are being used to protect the data on the key. We can also configure password complexity policies so that Bill just can't enter his dog's name as his password and allow somebody to quickly gain access to it.
The one that Bill ran into, though, is this one here, deny write access removal, drive not protected by BitLocker, which you can see we've enabled, so we can make sure that those drives are encrypted and not require end users like Bill to have to go about remembering to do that before they copy the data. He's got more important things to worry about rather than adhering all the time to corporate policy. So it's our job and your job to make sure that he does.
One of the biggest sources of cost in most of your organizations I know is end user lost productivity because they've got configuration problems, they've got malware on their systems, and that's caused by the fact that end users, typically, in most organizations, are allowed to run whatever software they want to.
So one of the most dramatic ways that you can reduce those costs is by controlling exactly which apps they run so that they're only running the things that they need to do to get their work done.
You know that I'm pretty passionate about this too, one of the products that I developed at the company before I joined Microsoft was a protection manager, which was aimed exactly at this. And there's been a technology in Windows since Windows 2000 that also is aimed at this, software restriction policies. I bet very few of you actually use software restriction policies, though, because it's so fragile.
The way that it identifies software is by the hash of the executable image. Which means that even if you have the same application but update it to a new version, that SRP rule you've created breaks, and that means that you've got to go create another rule, in the meantime, the user is not able to run the app.
So we've got basically SRP on steroids inside of Windows 7. It's called AppLocker and I'm going to show you AppLocker in action because that end user machine that Bill is using is actually locked down with AppLocker with the default policy that says that only the applications that are part of the operating system are allowed to run.
So if I launch this line-of-business app here, the stock viewer, you can see that AppLocker is preventing me from running it. So I'm going to show you how AppLocker's wizard makes it really easy for me to create a rule that makes it so that anytime that stock viewer application updates, I don't have to go revisit that rule and the user can just continue to use the new version.
I'll go back here and go to the AppLocker group policy setting where I can run the rule wizard. And this is the magic right here. SRP had these two rules, path and file hash, but AppLocker includes this one, the publisher, which leverages the digital signer of the executable to create more flexible rules.
If I press next, it's going to ask me to point it at a copy of that application. Let me browse to the one that I got on my network share. It's extracted some information from it. The signer of the application, in this case you can see that it sits internal. Now, you'll see this program has a bug on it which indicates the fact that I didn't write this application because Sys Internals don't have bugs, as you know.
Then you can see that it's extracted a product name from it, the file name, and the file version. And this slider over here on the left lets you dial up or down the specificity of your rules. For example, if I trusted everything from Sys Internals, which you should, obviously, then you'd want to set this slider right to here. But if I slide it all the way down to here, I'm creating a rule that says only Sys Internals is allowed to run, and only versions 1.0 or higher. So I've really controlled exactly which application from this publisher is allowed to run, but I've still made it flexible because if version 2.0 comes out, I don't have to go revisit this rule, it's just going to magically work.
So let's go create that rule, and then go back to that machine or the group policy update so that rule comes down, and then I'll be able to run the app. Here in a second. Hopefully that works, it didn't work. Group policy, let me go to the backup machine and see if it works over there. And it'll come down here in a second, and if this one works. No, it's because I didn't put the rule –
(Break for direction.)
MARK RUSSINOVICH: No, I hit cancel where? In the rules? I hit create. Hold on, let me see. There it is. Let me try that end-user machine group policy update. Sorry about this. Looks like we've got a connectivity problem. And I'll be they're fixing it backstage for me. There we go. Looked like magic, didn't it?
So I run the application, and I'm up and running with that new rule, able to run it. (Applause.) So this is actually a line-of-business application that wasn't designed for Windows 7. And, in fact, when I try to exercise this trend feature on it, I'm going to get an error. And this highlights kind of another cost that you've got in your organization, which is end users running into problems on a day-to-day basis and then having to reach out to the help desk, to you guys, to go fix it for them.
And you know that's one of the most painful parts of your job is trying to figure out what exactly went wrong when the end user runs into something like this. In this case, they'd probably just call you up and say, "Hey, the app doesn't work." And that's really helpful. So then you dig in a little bit further, and then they're going to just read some hexadecimal numbers off that dialogue box, which also is not very helpful.
So what we've done to minimize the length of those calls and get the end user's interpretation out of the way is build a tool into Windows 7 called the problem steps recorder. I'm going to launch the problem steps recorder, which is what you'd do when an end user calls up with a problem like that. And you have them run it and press the start record button and then reproduce the problem. Click on that trends button, get the problem, and dismiss it, and then stop the recording. And that's going to prompt them to save a zip file that includes information about that to the desktop.
You'd have them e-mail it to you. And when you get it, you'd open it up. There's a compiled HTML file inside of there that has, screen by screen, exactly what they did to get the problem. (Applause.)
And I know in our everyday lives we're going to make use of this. I know personally my mom calls me up every now and then with a computer problem. And I want to help her, but I just don't understand what the hell she's saying. Now I can see.
So like I said, this application has an application compatibility problem. And a lot of you are probably rolling out Windows 7 and you're doing app compat work, you're running the application compatibility tool kit and creating shims, and you're wondering, do I have to go through that process again when I go to Windows 7? And the answer is: We've made every effort to make sure that all those shims you created for those apps work on Windows 7 as well.
When I see this come in from the end user, I recognize this as a line-of-business app that I've already created a Vista shim for. And so let's go apply that Vista shim and have this application work. And in the process, I'm going to demonstrate another really cool feature that's built into Windows 7 and that's Power Shell V2 because Power Shell V2 has the ability to target machines remotely.
So let's open that up. Power Shell editor. It also has this nice editor debugger, which is new. I'm going to open up that stock viewer script that I made, and you can see here that I've targeted that remote computer in the command with the SDB Ins, which is a shim database installer program, and I'm telling it to install that shim that we created for that app for Windows 7.
So let's press go. It's going to reach out to that machine, install the shim. Let me go back to that end user machine and then relaunch the app. Press the trends button, and then it works. So Power Shell pushed that out and with the combination of the problem steps recorder and Power Shell, I was able to reduce what would have probably been a really painful, lengthy interaction with the end user trying to figure out what went wrong and then having to go figure out how do I get that shim installed on that machine. Just in a few minutes, with the end user still on the call even, I've gotten them up and running.
So speaking of Power Shell. Power Shell is great. How many people use Power Shell in here? So a lot of you are big fans I know, and more of you probably will be. Scripting can save you a lot of time for those repetitive operations. But one of the shortcomings of Power Shell and scripting in general in Windows up to now has been that you can't integrate it with group policy. And a lot of you are, as you've seen with these demonstrations we've been performing, get a lot of value out of controlling your enterprise with group policy settings.
So with Power Shell V2, we've actually finally merged the two. So you can script group policy with Power Shell. And I'm going to show you that with another demo that highlights – actually some of the manageability of Internet Explorer 8.
Internet Explorer 8 is the most manageable browser out there. I've been told that it's got 1,500 group policy settings you can configure. And IE8 has a bunch of new ones for some of the new features it's got. You might be familiar with the in-private mode, which is a really useful mode on a personal level, as well as compat mode.
And let's just pretend that I've got in my organization three departments that each have different requirements with respect to those settings. In the old days, I'd have to go in the group policy editor, create group policy objects, link them to the other users, configure each one. But with Power Shell now, I can create a script here that has – I create a few arrays here, one for each of the departments with the settings for each department. So the sales department needs compatibility mode on, needs private mode off, and so on. And the magic is down here with the VP registry value command list, which is specifying the registry keys where those group policy settings are stored and pushing that out.
And so when I run this, it's going to create three group policy objects and link them to the appropriate OUs, it's running the script here. There's the output. So I've got those settings. Now let me go back into group policy editor, refresh this, and then you've got those three objects that I've just created.
If I dig into one of them here, let's just verify that I've got the settings that I've specified. And sure enough, for the engineering department, in private mode is turned off, and compat mode is also turned off – compat mode is turned on, standard mode is turned off as we configure.
And so while that might have been just as quick if I'd actually gone and created the group policy object, you know with scripts like this – with this script, I can re-use it for a whole bunch of different things. I can go to that Excel spreadsheet where we've got all those thousands of group policy entries for everything in Windows. And if I need to create a new group policy object, I can just go and edit this and edit the OU that I'm interested in, and voila, I just reuse this and instantly just in a few minutes, been able to push out a new object.
So I mentioned application compatibility before and how we're trying to make sure that you can leverage all your investments from Windows Vista going forward. But there are still probably going to be some applications that just don't work on the newer versions of the operations system, or there might be some line-of-business Web sites that aren't compatible with newer versions of IE.
So virtualization is a great tool there to try to bridge that gap and make the transition smoother where you can run those old apps inside of a VM. And you might have heard of XP Mode, which is a license for Windows XP and Windows Virtual PC 7, which you get with Professional Edition, where you can install the XPVM and it's got integration technologies so that you can install applications in the VM and they show up on the start menu.
That's really nice because end users, then, you don't have to train them about virtualization and remember to go into the XPVM. It just – the apps just show up and they can launch them just from the start menu without having to worry about that.
Now, XP mode is great for small organizations where you've got a few one-off VMs that you need to configure, but if you're a medium-sized business or larger and you've got departments that have common virtual machine requirements, you need some way to manage those VM deployments.
So, we've got something in the Microsoft Desktop Optimization Pack called Microsoft Enterprise Desktop Virtualization. That stuff just rolls right off the tongue, doesn't it? And MEDV is our Virtual Machine Management solution for end user machines.
Let me go and show you the MEDV management console over here.
So, I've created a workspace, and a workspace is something that describes the settings that are common to a virtual machine that I want to push out to multiple systems. In the deployment tab, you can see that I've got some really cool configuration options here that let me specify exactly how these VMs are used. For example, I can say what users are actually allowed to use the VMs. Here I've said everyone can. If I've got contractors that I give VMs out to that I want to expire when their contract is up, I can set expiration times. I can also control the flow of data into and out of that VM. So, for example, is there sensitive data in the VM, I don't want the end users copying it out, I can control that with these settings right here.
It's the applications tab, though, where I specify which applications that are installed on the VM get exposed to the end user on the Start Menu. This workspace I've installed Office 2003 into, I've also got line of business applications, you can see the Contoso Order Entry Application, and because I've published them from the VM, they're going to show up in the Start Menu under the MED-V applications entry.
So an end user just has to know to go look in the Start Menu here to find their apps. I'll run this line of business app, and there you can see the tell-tale signs that it's running from the XP VM. The Tele-Tubby Chrome that you see up here, and you see also this red box that also identifies it as something special. That's a box that MED-V puts on there. You can actually go and edit the workspace to get rid of that.
The Web tab lets you target individual URLs at the version of IE inside the VM. So if you target MED-V demo.com at the VM, and that means that when end users are using the Windows 7 system, they're going to be using IE8 like I've got up here. When they navigate around to any other URL, they're going to stay inside of IE8. But if they happen to go into the site that's published from the VM, you can see this is IE6 running from inside that VM. And so your line of business Web sites are going to just work seamlessly for them. In fact, they don't even have to remember to leave this to go back out to sites that aren't supposed to be targeted at the VM. Here's a link here that's not part of that URL. So, if I click on that I end up actually going back into IE8 for that Web site to come up.
Again, the cool thing about this is that you don't have to train your end users about virtualization. And if you've ever tried to explain virtualization to a non-computer person, you know that's a bit challenging. They just see this as just regular applications that might look a little bit different.
Now, another really cool feature of MDOP that I want to talk about is something called App-V, and I know a lot of you are fans of App-V. That's one of the really big things that people are excited about in MDOP. And by leveraging App-V, which is application virtualization, and a couple of other technologies, you can actually realize something that we call part of our Optimized Desktop Initiative. That's another, it's a marketing term, but there's this thing called – we've been talking about called the Replaceable PC. And the goal of the Replaceable PC is to make it really easy for you to get your users up and running really quickly, even when they happen to maybe lose a laptop, and that's what I'm going to demonstrate for you, because App-V means that you don't have to go and deploy the software to those machines. You can actually have them point up an App-V server, and they're going to get streamed down the application, which looks like it's already been installed into a virtualized bubble on top of the operating system. So it's the separation of the apps from the OS.
Then with roaming user profiles, and folder redirection, you've separated out the apps and user settings from the OS, and you've also separated out the data. So now you've separated everything out of the OS, and most of it is on the server, so now when somebody loses their PC, you can reconstitute those things, and get somebody up and running really quickly.
I'm going to demonstrate that for you by walking through a little scenario, which is, I'm an end user. I'm using my laptop here. I'm mobile. And I spend lots of time configuring things exactly the way I want. So I move the taskbar over here. The recycle bin I really like down here, where it used to be in Windows 95. I'm used to that. And I'm also editing my data here on the machine. So I'm going to launch Excel, which is actually going to launch via App-V. I'm going to get a little tooltip down here that tells me that App-V is launching it. So Office really isn't installed in the way we know it, or you think it might think of it traditionally on this machine, streaming down. And now enough of it is here that I can run it. So I'm going to make a chart to show that I'm actually editing things, and really visual. There's my chart. Now I'm going to save this and exit out. Log off.
So here I've just finished doing some work, and I've got a business meeting across town, so I hop in a taxicab, throw my laptop in there with me. Go across town. I get up and, guess what, I forget the laptop, it's in the cab. And do you know how many laptops are lost in taxicabs every year? Billions are. There are just an incredible number.
And so what happens when somebody loses a laptop is, you want to get them up and running. Maybe they don't want to be up and running really quickly, but your job is to get them up and running. So let's say that now I get back to work. I say, hey, I lost a laptop, I need a newer one, and by the way make it better than the last one I had which was really old. So you give them a new laptop. And I've got this new laptop set up here.
I'm demonstrating here by bringing up the profile editor that the user, me, Mark, has never logged into this machine. Here are the profiles installed on this machine, which are the admin profile, and the default profile. I'm going to logout, and log back in for the first time as me. And this is what I would do when I got that laptop handed to me by you. And what's going to happen now is, like I said, those different pieces of data or state are going to get reconstituted on the fly. Folder redirection is going to make my business data, that Excel spreadsheet, available to me. App-V is going to make Office virtually instantly available to me. And Roaming User Profiles means that my settings, which includes the place where I put my task bar, and the recycle bin, are right back where I left them. And let's go verify that my spreadsheet is there. And you can see that it's going to take a few seconds to actually stream enough of Excel down to actually launch it, but compare this with the, let's just say, more significant time it would take to install Office on this machine.
And when it comes up, hopefully my chart is going to be there, so I didn't lose any work. And there it is. So I'm back in business just within a few minutes. (Applause.)
I want to talk about one last thing. Virtualization is getting to be a hotter and hotter area. As you've seen, I've been talking about virtualization for application compatibility. VDI is becoming really hot. Ian will talk about Hyper-V and virtual machine consolidation on servers to save cost. And so more and more of you are going to be working with VHDs, which are the underlying storage format for a virtual machine. They're virtual disks. And you're going to be manipulating this to modify them, to do offline patches to them, We support offline patching in Windows. You're going to be reading them, maybe running anti-virus against them to make sure there's no viruses in them. And in the past you've had to use external tools to be able to manage VHDs, to be able to crack them open and edit them.
So what we've decided is, because they're becoming so important, you're going to be working with them so much, we wanted to make it really easy to manage the VHDs. So we baked in VHD support right into the operating system natively, and that's what I'm going to show you right here by firing up disk management, and showing you how I can surface a VHD as if it was a real disk to the operating system.
I'm going to go to the action button and say attach VHD. I'm going to navigate to a VHD that I've got, which is actually an enterprise client VHD. So it's Windows enterprise client. And you can create one of those VHDs yourself with the WAIK and the OEM translation kit. The tools inside of there let you publish a WIM into a VHD file.
So now that I've got it attached I can open it and browse it just like any other application, any other volume, and I'm going to navigate into it and show you how I can even modify it by coping ZoomIt into it, because ZoomIt is that little tool that I've been using to annotate the screen and zoom in, and I know all the users on my network are going to want ZoomIt, so I copy it into the public folder so that they all have it available to them. And there it is. But, even cooler than that, not just being able to surface existing VHDs we have the ability to create VHDs. And I'm going to demonstrate that for you, and at the same time show you something that might blow your mind, because it did when I thought about it the first time.
Let me create a demo VHD here. I'm going to make it small, 15 megabytes, and I'm going to make it dynamically expanding as opposed to fixed, and that means that the VHD is just going to store the data that I actually write into the VHD. It's not going to be that fixed size of 15 megabytes if it doesn't need to be. And now it shows up as a raw disk to Windows, so I need to partition it. Now that I've got a partition that I can format I'm going to put NTFS volume on there. And now I've got NTFS VHD.
I'm going to open it up and what I'm going to show you is the thing that will blow your mind, and it also really stresses out the VHD developers, because they're afraid that this is going to show up every time they get nervous when I do this, no matter how many times I do it. I'm going to copy the VHD into itself. And you can see here that the VHD started out about 10 megabytes and is growing as that data is being copied into it. So because it started out about 10 megabytes, that means 10 megabytes of data is copying into it, so it's going to end up at about 20 megabytes, and I just copied it into itself.
So that's really cool, too, the ability to create VHDs, but I think the thing that really I think is cool, and I use it on a day-to-day basis is we've also made it possible for Windows to boot directly from the VHD. And that's useful for me, because as we've got these internal builds of Windows 7 and Server 2008, without having to repartition my disk and install the copy of Windows into it, I simply download the VHDs that we produce in the build lab every day, point my boot configuration at it, create a new entry in my boot menu, and boot Windows right into the VHD. And if you're interested in seeing that in action, I'm going to be giving a talk on virtualization and VHD enhancements later this week, where I'm doing the whole thing booted into Server 2008 R2 with Hyper-V on and inside of it, booted from VHD.
So with that I want to turn it back over to Bill. I want to thank you very much, and hope to see you later this week. I'm doing a bunch of sessions.
BILL VEGHTE: Thanks. So what do you guys think? What do you think of Windows 7? Yes? (Cheers and applause.)
Thanks, Mark. That's great.
All right. So, what are people saying about it? The most important thing is the feedback you give us this week, the feedback you've given us on the beta, but we're getting some very, very good feedback on the product in the marketplace, from beta testers, and press. But, there's two elephants in the room, and I want to talk just a little bit about those two elephants. One is, how to think about application compatibility and where we are with that. And when are we going to ship. Do you guys want to talk about that? (Audience response.) All right. We'll talk about that.
Application compatibility, this was key feedback from you again and again. I like the advancements, you needed to make those architectural changes that support the security advancements that we need you to make, but compatibility was tough. And as we approached the Windows 7 product one of the things, and you saw in the video, making sure that as we're making any changes making sure that those changes have minimal impact to the compatibility of applications from Windows Vista to Windows 7. When you think about it across the set of tools there's a lot of patterns and practice.
How many of you are familiar what the application compatibility toolset? Let me see a show of hands. More people should be raising their hands. This is a very – it's a great way for you to assess and get a sense of the application situation you've got. We released 5.5 in early April. We've got about 33,000 downloads, but it's a great tool for you to think about and leverage relative to application compatibility.
Patterns and practices we've talked about. Virtualization, you got a sense from Mark on the App-V and MED-V work, the XP mode that's part of any licensee of professional edition or better.
ACF, the Application Compatibility Factory, this was something that actually some of you in this room, your organizations gave us feedback around, which was a very automated way for you to run through your applications and use lower-cost labor globally. We've got over 100 companies that support this. Millions of desktops have run through this, so it's a good resource for you to leverage.
The final thing that I want to highlight is the work that we do with ISVs. We have labs. We have support capabilities. So if you don't feel like your ISV is getting the support that they need, whether it be with Windows Vista or Windows 7, let us know, because we've put – as we go through this journey, making sure that they're equipped, that is very important investment for us, and we feel good about the tools and capabilities and support of that community. If you've got an ISV where the app is not working, or not on a trajectory let us know so we can get after that.
The second piece is when are we going to ship? This is a question that I get a lot. It's one of the things that as a leadership team we said, as we were going through this journey, is let's not get ahead of ourselves, let's not over-promise, and let's take it milestone by milestone. You know what, we shipped a release candidate, we've had over 1 million downloads, we can get a very good sense of whether we have made as much progress in the product, it looks as good out there as it does in our labs, and I'm pleased to announce right now that we're going for holiday, and we're tracking very, very well for it.
So that means as you take advantage, you're going to walk out of this room, right outside this room not only is Windows 7 tracking well, but that means that Windows Server 2008 R2 is tracking well. So your feedback, kick the tires, this is the time. What that means for you when you think about what you should do now, the most important thing for those of you that didn't raise your hand, please take a look at the release candidate, please kick the tires, please test it. Please give us your feedback. But, I get a lot of questions around how to think about where you are in your deployment cycle.
If you're deploying Windows Vista, and you're taking advantage of the security and manageability and productivity advances that we've got there, we're going to work, we are going to protect that investment for you, and you can utilize that. If you're just starting your testing of Vista, with the release candidate and the quality of that offering, I would switch over and do your testing on the release candidate, and use that going forward. If you're waiting for Windows 7, holiday broad availability, that's what we're tracking for. Obviously, quality is job number one, and we will hold if we think we have quality issues. But we're tracking very, very well to holiday. But go, go check it out now.
On the ISV and developer side, utilize the Windows 7 SDK as we talked about at the PDC in the fall, making sure we have a platform complete with a list of releases, very, very high quality, and obviously a lot of people are developing against it now. But test your current applications, building those applications, and if you're having issues, let us know. We've got a lot of resources around that.
So, with that, let's change gears. Let's show some more demos and talk about Windows Server, now that you know it's coming soon, and invite Ian McDonald. Ian McDonald is general manager of Windows Server, somebody I've had the privilege of working with for many years, and he's going to show you Windows Server 2008 R2. Thanks, Ian.
IAN MCDONALD: I have to tell you, I've been at Microsoft a while now. I moved over to the Windows Group about six years ago. Bill Veghte hired me into the Windows Server group, and he left about a month or two later. That was really mean. That was a mean, mean thing to do.
So I'm Ian McDonald. I'm General Manager of the Windows Server Group. You know, I run the end-to-end development process of Windows Server, so from like the early sort of time where we go through planning and taking feedback about the previous version all the way through to the end, and the release, and looking at what we're even doing after release. And today I really think that today, this Tech•Ed keynote, is kind of a coming out party for Windows Server 2008 R2.
We've been the silent partners in the Windows 7 project. Everybody has been super interested in Windows 7. We've been going along and just sort of, you know, keeping quiet, keeping our releases going, finding out some great stuff, getting some great feedback from customers we've been working through. I'm going to show you some great stuff that we're doing that's new in Windows Server 2008 R2 today, some things that work better together with Windows 7, and some stuff that we're doing with applications that run on the platform. We think that between Windows 7, MDOP, Server 2008 R2, obviously, all up to that is driving cost out of the infrastructure.
The second thing, which is building a great platform for developers, and I'll talk about some of the stuff that we're doing there. But driving those costs down, and especially in this economy, it's really an important thing. And it's funny, in that video that we showed earlier, a while ago, someone mentioned the idea of doing more with less. That was a call that we actually had in Windows Server 2003 R2, and it's been our focus. It's been consistently our focus for a long while.
For us, I want to sort of step back, and I want to talk about some of the things that we sort of drive the project, drive our projects with, drive our themes with, talk about what's important for us. And for our group the key thing is listening to the voices that speak to us. Maybe those voices in our heads, I don't know. But the voices of our customers, the voices of technology, the voices of our business, and sort of putting that SKU together to try and make the right product, and making the right product with the key qualities.
You know, the big thing for me, and one of the big sort of realizations we had like six years ago is, in the server business predictability is pretty important. And that's why we've been going on this theme of Server 2003 back in 2003, Server 2003 R2 in 2005, Server 2008 in early (2005 sic), and this Christmas, or you know on Christmas Day you'll be able to go and get your Windows Server 2008 R2. I know my kids will, it will be great.
So, you know, the big thing for, if you're in the server business, the big thing for us is, we know this is the place where computing advances go first. You know, if you're going to go and have a look at a big scale, a broad scale-out sort of system, moving into clouds, being able to go and say, I'm working between my on premise system and my off premise system, and going and driving all the bits that you've got going there, that's very important for us, and that's what we think. That's one of the things that keeps me coming back to Windows Server, because we know either together with some of our partners, or some of our partners have created some new advance in the way that either the processes are working, or the hardware is working, or we just know that it's continuing and continuing on, and creating great technologies.
Now, you know, the other thing there is, we believe in value, and creating value. And I think we did our big sign of this a couple of months ago, which was we released a thing called Windows Server Foundation Edition, which is a Windows Server 2008 Foundation, which is we know that there's a low-end server business out there, we know that there's a business out there where people are going up to HP or Dell or whoever, and buying these $500 boxes. And going and saying that Windows Server costs $700 on top of that is kind of crazy. So we've introduced a low, cut-down version of Windows Server. It doesn't go and say Small Business Server doesn't exist anymore, because Small Business Server has a whole bunch of other stuff. We're going and focusing on the value and the price that we've got to be able to go and do to provide value.
On the other end, you know, on the huge scale up, later on we talk about things like Windows Server is actually going to scale up to 256 hardware spreads in this release. We believe between Windows Server 2008 R2, and SQL Server 2008 R2, there isn't really a computing job we can't handle. We know that there's going to be scale up. We know that we can go and handle those sort of things, and the proof will be in the pudding. You'll get to believe us after we go and do it.
So one of the other things I will actually mention, I saw someone tweeted yesterday on Twitter, that they were surprised that Windows Server 2008 R2 is 64-bit only. It is 64-bit only. Get over it. You couldn't buy a 32-bit system for a long while. That's where we're going, that's where we're investing.
And the other thing that I would do today, actually tweeted before that my first mention of Twitter would get something free for someone if they got a particular response back. Someone has probably already won that, so you're out of luck.
Let's talk about the things that we drive, the release, and the pillars, and the stuff that we've got going in there. And for me, or for the team, Windows Server and what we do for a product, and when we're planning out a product, it starts with a set of documents. The key one being what's called the Vision Document. And we did that before we released Windows Server 2008, about two years ago, a little bit less than two years ago. And that's really something that's a culmination of feedback, doing architectural reviews, working with our business guys, working out our long-range vision. And really what happens is that we go and build on four pillars.
So those four pillars: 1) the Web; 2) management; 3) virtualization; and 4) foundation, what we're doing on the bottom. So I'm going to just jump into each of those, and then I'm going to go and demo something, and I know you want to clap when demos go south, but my demos will work.
First of all, developers, OK, do you want me to do the Steve Ballmer – developers!– we could do the whole going back and forward – developers, developers, developers! We know that Tech•Ed is all about talking to developers and getting our message out, and wanting to hear feedback from you guys. We constantly want to hear feedback from you guys. So one of the things that is a key developer story for us is what we're doing with the Web platform. Web Servers are a very important thing. We've got a number of great customers who we've been working with, who have built this huge infrastructure based around Windows Server. We're going to take that along, we're going to take it further with Windows Server 2008 R2.
Now, one other thing, if you've been in those, you've been out at IIS.net, or some of the Web sites that are a part of that community, you'll see that we've been releasing extensions for IIS for the last year. We've just been going along and releasing extra bits. One of the big pieces of functionality that we're releasing is a thing called the Web Platform Installer. And really what that allows you to be able to go and do is that if you're a Web application developer, you can just go and choose the parts that you need to be installed onto the Windows Server box.
One of the other big things we're doing with Server 2008 R2 is, we're going and getting the fully ASP.net stack, the full .NET runtime running on server core. And server core is a top-down version of Windows Server. It has no UI, you do most of the management remotely, all that sort of stuff. And so you can go and say that for your front end Web boxes, you can really cut down the size of the image. You can go and do things like only have the parts on that image that you want to be able to go and do. We think like what Mark said before, like VHD, you can go and go and just do a single XCOPY to go and deploy a thing, or if you've got a hypervisor running underneath all your Web servers, you can go and do an XCOPY of the VHD out to that site. So we're going and saying that you can go and make the images smaller, you can go and deploy them easier, and you can go and get them into production easier. And we really think that that .NET server core really goes and makes a whole bunch of the extra things much better.
And, as I said, all remote, all management can be done remotely now. So you can go and have your Server Manager, which we've had for a while now, webbed remotely, or you can use PowerShell, and I'll talk a little bit more about PowerShell in a second, because as Mark showed PowerShell is one of our big stories, and one of our big investments that we've going into.
Now, the second area, as I start talking about management, is what we do to help people automate. I fundamentally believe that gone are the days where we should ever ask an administrator to touch a single machine. You should be able to touch a single machine the same way you manage 10 machines, the same way you manage 100 machines. The same way you manage 1,000 machines. We believe that you should be able to go and manage as a service, not have to touch a single server. And for us that's building on automation. And we believe that what that's doing is making the administrator's life easier, because we know that whether it's through virtualization, and sprawl related to that, or just more services going up, you've got to manage more stuff today then you did five years ago. And so really going and building automation, and focusing on that.
Now, one of the things that I will actually go and say is, when you see the new administrative framework that we've built, they're fronting PowerShell. So if you go and have a look at the Exchange Admin in the last release, and obviously in the Exchange 2010 Admin, if you go and have a look at System Center Virtual Machine Manager, if you go and have a look at the new Active Directory stuff that we've done in Server 2008 R2, that is fronting PowerShell. So all the way through you can actually get a PowerShell script out of the admin UI. I'll show you that in a second.
And, you know, I really think that that's the right thing, because we share what's happening under the basic covers, and we open it up for you, and you guys can go and modify it in whatever way you want to be able to go and do, and hopefully the community is also able to go and share things out together on Script Center, or specific sites like IIS.net. Now we'll actually just go, and instead of taking a slide for a second, actually directory administrators, you are going to love Server 2008 R2 for two basic reasons. One is, the admin interface just I was going to say a bad word, like kicks ass, but I can't say a word like that. It's really good.
The second thing is, you get Active Directory Undelete, and Undelete is something that I now Active Directory administrators want to be able to go and do, because you get to be able to revert back. So you're going to love that, trust me here. OK, trust me. If you haven't downloaded the RC or the beta, go and check it out, because you'll probably want to move to that as soon as possible.
The third thing that is very important for us is virtualization. You know, back when we sort of started down this path of the releases that we're in, you know, the consistent path, virtualization was a story. You know, we had acquired Connectix in 2002. But it was something that wasn't as mainstream as it is now. Now every discussion that I have with customers, with people who are writing stuff for the platform, or anybody that I'm working with, virtualization is the base of the story. And we've gone and built our hypervisor from the ground up, and focused on building our technology to be very much virtualization aware. And that's why you see things like in the core kernel we're building things to be aware of when they're running in virtualized environments. We're going and doing things like some of our default image management with VHD. And that's why we're consistently going focused on that, because we want to make it easier for people to be able to go and push virtualization out. We know that we are much cheaper than the competition. The competition is about 300 percent more expensive than the current version, and we think about 500 percent more expensive in the new WebSphere, something-sphere, version that's coming up.
Now, the discussion that I've had with people, the big feature that people have always gone and brought up is, you don't have live migration. Now, live migration is a great feature. When you go and talk to people you don't find that many people are actually using the automated functionality behind that in production, and they are doing things like filing their systems around, they're not using some of the automated functionality.
I'm going to show you a little later us doing live migration. I'm going to show you that in combination with System Center Virtual Machine manager. But, I do actually want to go and announce a couple of things that we're doing in Windows Server 2008 R2 that I hadn't actually talked about.
The first is Hyper-V will now be able to support 64 logical processors. Previously we had a limit being 32, now it's 64, that's more than anybody else on the market today. Come on, that's a good thing, if you're a virtualization tool you like that. Second is, we go in and we're leveraging much deeper on some of the processor hooks that are coming from the processor makers to be able to go and support things like extended page tables, nested page tables. What that means is the footprint of the system, and the performance of the system is actually greatly enhanced, and the footprints are reduced.
The third thing is, we know that not – especially today not everybody can go and afford to buy their latest generation-five deal, whatever. We know that. And we know you've got a bunch of old machines probably sitting in your data center, maybe 2 years old, 3 years old, virtualization aware, and you're going and saying, what the hell am I going to do now that I'm moving everything across. We are going to put in a thing called compatibility mode, or processor compatibility mode, which allows you to be able to go and run two Hyper-V nodes that have differing processors, and be able to go and work them together.
And we really believe that will and lower the cost of entry for people, and simplify a lot of the management for people, because you can go and get those high-priced new machines, and stick them in to be able to handle the most important workloads, for some of the older ones. So that's a great piece of functionality.
Finally, in terms of our pillars, our fourth pillar is all about the foundation. I've mentioned before that we go and scale up to 256 logical processors. We showed that off at our hardware engineering conference last November. Frankly, I didn't want to go and have to bring – they never let you carry on a 256-core system on a plane, I guess. So frankly I didn't want to go and bring one to demo, but we went and showed that last year. You can actually go and see the demo up on the net. We're going and doing that. It's really interesting. There's a whole lot of green lights flashing, and then there's a whole lot of green lights flashing. But, it worked really well.
One of the things for us is, we've been able to go and remove a thing called the core dispatcher log, and that's allowed us to be able to go and enable things like SQL Server to be able – SQL Server 2008 R2 to be able to go and get awesome scale. And we really believe, from the things that we've been modeling, the things we've been looking and working with customers about, there really isn't a workflow that we won't be able to go and handle with this.
So yes, from there I'm going to go on and I'm going to talk about something else that's new, which is our file classification infrastructure. This is a new thing, we haven't shown this before. We haven't really talked about it in public. And really what it is is moving forward one of the most basic things that everybody has, moving it further forward than it's ever been. Frankly, we've all had file servers in place for years and years, and really they haven't changed all that much for a long while.
One of the things that we've been going and doing is looking and saying, how can we go and have some of this technology, and make it so that developers can go and hook into there, and be able to go and empower different scenarios. One of my beliefs for a long while is that – and one of my things that keeps me coming back to doing software is, we're not – it's not like we come down from the mountain with stone tablets or anything like that. What you guys do with our product is the thing that ends up being amazing, and really taking us to new levels, and taking things out.
So what I'm going to go and do is I'm going to go and show you some things about this file classification infrastructure, and I'm going to switch to demo machine. Look at that. Notice there I've got low disk space. I'll come back and talk about that in a little while. So what we're doing with file classification infrastructure is we're going and saying that you can set extended properties on files. In this case I'm going to go and say that I've got a confidentiality tag and I've got three levels set against that. That's in here, for the people who can't see that, because I know that our admin UI is usually a little small and hard for people in the back to read.
I'm going to go and set a set of rules based off that confidentiality tag. So in this case I'm going to go and say, I want to go and find all the way down here, I'm going to go and find any files sitting on my file server that says Microsoft confidential in there, because we know that people have got stuff stored out there, stuff that's been stored out there for ages and ages.
Finally I'm going to go and say that I'm going to go and have a look at a task, and I'm going to go and say, I'm going to have a look at this task, and what that task is, it's an action – it's actually a PowerShell script. I can go and do things like set the security level that I'm give to it. I can go and say that I can notify people beforehand, or whatever I want to be able to go and do. So I'm going to go and what I'm going to do is I'm going to run my file – run my search for confidential files in here, and it's going to do a couple of things. In that script it's going to do a couple of things. It's going to move any confidential files to a secure place. It's going to leave a symlink back in the place where the files come from, and it's also going to promote the properties up into SharePoint.
So I'm going to do that, and I'm actually going to go and wait for the task to complete, and this is the time where Mark is worrying, because he was worried about his demo before. But, mine is going to complete in about that time. And what I know is that I've got two files that have actually gone and propped up, and been found. And basically what it says is they've found the term “Microsoft confidential” in here.
The interesting thing is one of those files is a .doc file. OK. You should expect to go and find a .doc file. The other one is actually a .tiff file. And I go and find that file, OK, here it is, that was a symlink. Look at that, it says Microsoft, we've build OCR technology into Windows Server 2008 R2, and given you the ability to go and search for those sort of files. I will actually go and say this is the slide I showed you before, so it's not really that confidential anymore, is it? So if I go back here the other thing I'll show you is if I go into my SharePoint site that I set up here, I can go and see that I've had files popped up into SharePoint that have actually gone and had that confidentiality tag.
Now, the other thing that I'm going to show you, I'll tell you, I'll admit something, and I'm going to get killed by the lawyers for this, we have a file server at Microsoft. It's called Specs, it's been around since the dim, dark, distant days of a NT 3.1. It has been upgraded. But it's been upgraded many, many times over the years. I went actually looking around for something that I thought I had left in there a couple of weeks ago, and I actually found some specs I had written for what became Server 2003. I had written them in 1999, and they were actually confidential at the time. I don't think it really matters at this time. But, that's ridiculous that there's information and big files sitting out and taking room up on file servers that are 10 years old.
And in this case I've got on my system here, I'm actually out of space. You saw the warning before I'm out of space on my data drive. So what I'm going to do is I'm going to go and use that same confidentiality tag and I'm going to use a file management class to be able to go and have a look through, and take an action, which is delete, maybe you guys have heard of that one before, and on files that are older than 10 years, or haven't been touched in a year. And the other thing that I can go and do is I can go and say, let's go and get – let's notify the owners and the administrators of those files 15 days in advance, so you can be nice to them. The BOFH guys probably would run it and get rid of everybody's stuff.
So what I'm going to do is I'm going to go and run this task, and I'm going to sort of let it run in the background, as opposed to running in the foreground, and I'll go back in and look at my system. Before you remember, this is like one of those core things in server examples. I've got ht lights flashing now, the lights are flashing now, something is happening, I hit F5, swap dates, it's running, it's running, there's something. I've got some disk space free. Now isn't that – that's a fun server demo. It's a core server demo, but I got rid of old junk that was sitting in there. I got rid of stuff you probably don't care about. And really if it's stuff that had any sort of legal implications to your organization it probably could be a bad thing to be keeping around.
All right. So there is file classification infrastructure. Obviously what I can show of a product like Windows Server 2008 R2 in 10 minutes is not going to be able to go and even scratch the surface. There's a lot of stuff there.
I'm going to move on. I'm going to tell you about some other things we're doing. And I'm going to come back and I'm going to show you something about Windows Server 2008 R2. But, I want to talk about Exchange 2010. I worked on the original Exchange development team. I was on the 5.0, and 5.5 releases, and then worked on OWA in '98. Exchange is one of our best apps on our platform. It's one of the most deployed apps in the world. We're probably going and dealing, we're talking to a lot of people who are going and saying, I've got too many Exchange Servers, I need to be able to go and get more scale out of them, I need to be able to go and push some of those things out in the cloud.
Exchange 2010 is really the first release that we've had of a product that is fundamentally built to be able to go and be an on-premise server, and run as a cloud service, and be able to go and handle the difference between running between those two worlds.
And if we go and have a look at the products, the fundamental features underneath what's happening on Exchange 2010, really it comes down to three big things. The first thing is, it's great for dealing with communication overload. And really things like just simplifying inbox navigation, being able to go and share calendars across organizations, going and doing things like that.
The second is, looking at the reliability and lowering the management costs, and increasing the performance of the system. I'm tell you one thing that we did on a test the other week, a really big database, and I can't remember how big it was, but it took 30 seconds to fail over from one node to another, using the clustering backend there. So we've been able to go and sort of see some really amazing performance improvements, and really simplification and management.
And the final thing is about compliance, and protecting data that you've got in there. So what I'm going to go and do is I'm going to go and show you something. Which is, you as an administrator, or when you go and get your legal guys to come along and beat you up, you will be able to go and automatically go and say that any message that is sent in your organization can be IRN protected. So it can be automatically protected. I think we all heard last year of the lawyer in New York who sent a piece of e-mail that had auto-complete, or did something silly, and instead of sending it to another lawyer sent it to the journalists in The New York Times. I don't think I'd want to be the IT guy that goes and has that experience explaining how that was able to go and happen.
So what I'm going to do is I'm going to switch over to Exchange over here. And I'm there already. And I'm looking at a technology preview of Office 2010, of Outlook in Office 2010, the thing you guys will be able to get in July, you want to get it. It's awesome. It's awesome, awesome, awesome. And what I'm going to do is I'm going to send a piece of mail from one of my users. Now my user is a mail box that's named Arlene Hoff. She's in our legal group. She's going to send a piece of mail to one of our executives. Now the thing we know about Arlene is that she is not very good at remembering to put these permissions on there, and she's got these files that we're going to attach, and here's a document, look at that.
There goes my – all my dissing of Mark. And the funny thing is – let me see if I can go and do it on Machine Z. Let me go and see if I can do it on there. OK. So I'm in here, my mouse is going to catch up in a second. My mouse has caught up. OK. So here's my message, luckily we have “fail” over on the backend. And I'm going to go and attach this file. There it is. I'm going to convert it. And I could just open it and have a look. Come on, open for me. I'm just opening a Word doc, it's not like – whatever. I've got a mail message in there. This is not the key part. Actually, the funny thing is that in there there's a term – the important part was on the second line, and it said something like, Mary Jo Foley can't know about this project. That was the joke about opening that file. So it wasn't all that important.
So what I'm going to do is I'm going to do is I'm going to go over to this administrative framework and I'm going to have a look. This is the Exchange 2010 Administrative Framework, and I'm going to go and have a look at how I can set a rule that goes and says that any message between my legal group, look at that, isn't that nice.
OK. So there you go, Mary Jo, a shout out to you, I suppose. Does it get on the special project name list? I don't know. This is really fun.
OK. So I'm in a rules UI, I'm in a basic rules UI, and it just says any message from our legal group to our – between our legal group and executives get rights protected with a template. And in this case we have a do not forward template. And I'm just going to go and say that all of that is in place, and we exit. I'll just cancel that, because I've already got it enabled sitting in there. But, it's just a basic rules UI. You don't have to go and do anything extra. You don't have to go and do a whole bunch of extra admin work. And what I'm going to go and do is I'm going to go and get that message from Arlene, and I'm going send it to Shane. Then I'm going to go to Shane's mailbox in OWA and I'm going to wait for that message to deliver.
Now, one of the things I'll just mention as an aside about Outlook Web Access, I worked on Outlook Web Access, and I think it's an awesome piece of technology, is the fact that this was 10 years ago. It got much better after I left, believe me. Is that it now runs beautifully on other browsers. It runs awesome on IE8. It runs beautifully on Firefox and Safari. OK. So everybody who has been asking for that, go and do that.
Now one of the other things that we've gone and we get here is the message that I've just sent, IRMed, previously you wouldn't have been able to go and open it up on OWA. Now it's actually been sent through, and it's actually got through to Shane, and it's been automatically protected. That's what the little icon up here does and says that the message has been automatically protected, or all these words that are sitting in here.
So automatically I've been able to go and do it.
Now one of the other things is, and one of the other complaints that people have had about OWA is that if I've got an attachment on a message, especially if it's an IRM message, I can't go and find that. I can't go and search for that in OWA. You would think of all people I would be able to spell Vegemite. There you go. So instantly I'm able to go and find, and I'm able to go and search with Outlook Web Access into documents, and especially even documents that are rights protected.
Now, there's heaps more stuff that we've done in Outlook 2010, and what I'd like you to do, if you're interested in this sort of stuff, there's a bunch of sessions there to go alone. We've got some sessions talking about how you're able to go and have a look at that information protection and control, because it's great stuff that will just simplify the lives, and it will take weeks out of our people's working.
Now, finally I'm going to get onto what I would call the headliner, the main story, the main thing that we've got, which is virtualization in Windows Server 2008 R2, and working together with System Center Virtual Machine Manager. You know, as I said before, live migration was one of the big features that we've been going and talking about, but one of the things with System Center Virtual Machine Manager is that we believe that you can go and have one toolset that's going to be able to work with your physical and your virtual environments.
It can work with all the different virtual environments we've got out there, Virtual Server, Hyper-V, some other thing called ESX, I don't know who uses that, but some other thing that's out there, and doing it at a much lower cost, and really coming in at a lower cost point than anything else that's out there. And it enhances us, what we're doing in Windows Server, but it really enables data center management at the right level. So it goes and does things like Live Migration, goes and enhances the story of in cluster support, and goes and does a bunch of SAN stuff to be able to go and work with the standard ISCUSI SANs, and things like that. And, really, at about a third of the price. I sound like someone on the sort of television station that sells things.
So what I've got here is, I've got System Center Virtual Machine Manager. And we've got seven VMs running Virtual Machine Manager. One of them is running a streaming media service. So IIS and the Media Server Extensions, and they've got my lame Webshow up there, they've got an ad for Windows Server 2008, and a video of my kids, because it's the day after Mother's Day after all. And so we've got that streaming from this VM that's sitting in here.
The first thing I noticed when I've gone and opened up System Center Virtual Machine Manager is, I've got this thing called a PROtip. A PROtip really goes and is really something that allows you to be able to go and set performance and resource optimization. So that's what PRO stands for. And this PROtip is telling me that one of my hosts, and at the back I've got a pair of HP DL-350s, and HSA-2010 running the back end of this. But it's saying that one of my systems is actually running with high CPU utilization, so I should do something about it.
Now, I could take the automatic route with System Center Virtual Machine Manager 2008 R2, we're so good at naming them, with VMM, or I could go and do it manually. I'm going to choose to do it manually because I feel like doing that. And so what I'm going to do is, I'm going to go and choose to migrate this host, and so using Live Migration. And what it's actually gone and done is, it's actually gone and said to me what nodes that I've got available if I have more than one node, if one is sitting out in my virtual infrastructure, it would have those lists out there. And it's also given me a rating of those other nodes that are available for the system. So what I'm going to do is, I'm actually going to choose to migrate this system to Node 2. And I'm going to go next, and it's just given me the list of what it is.
One of the things I'll just show you there is, down the bottom you've got this little button that says view scripts. It shows my PowerShell script, it shows the stuff behind it. So, you can go and take that stuff, if you've been going and looking into it, and you can go and build your own scripts around it, you can have your own set of skills to be able to go and do that, or you could go and share your better way of doing it than maybe even what we're doing it.
So what I'm going to do is, I'm going to move that host from one machine, and at the same time you'll notice our streaming media server is just running great over there, we're just failing over at the moment. It's taken – generally, this is a host that's about – I think about 3 gigs running on that SAN. And we've been able to go and – so we're showing that system it's going to move between systems. Last weekend we actually went and ran this demo last week, we ran this demo and then we ran our little ping pong tool that allows it to be able to go and fail between us, and we got 11,000 failovers the time we just left it alone, while it's going and running, and still streaming, and still streaming, all this stuff, and everything was running.
So this is a great piece of functionality. It comes in much, much, much deeper than alternatives, and is one of the big things that we're going and doing with Windows Server 2008 R2.
OK. So that's the end of my time. I showed you three demos of stuff we're doing in Server 2008 R2. There's a bunch more, there's heaps of sessions about what we're doing in the server business. I said before, availability parallels Windows 7, so the Digistore up there they're going to get a server box for Christmas, I think a rack. I think a rack would be really cool.
So it really is – I'll come back to telling you, this is part of a path. We believe that we've been on a path, and we're continuing on a path. And it's a path we've been on for six years. We've been through it for four releases, which has been focusing on building consistent, scalable, rock solid, and full of value releases. And we're going to continue to do that, and we're going to go and do it.
So right now I'm going to hand it back to my mate, Billy V, wherever he is. He's running around, I'm sure.
IAN MCDONALD: Thanks.
BILL VEGHTE: Excellent, great job.
All right. We'll get you out of here. So you got a sense of all the innovation and all the things that we're doing with you, around Dynamic IT, from the data center to the applications, to the end user-centricity. We've got 750 sessions together over the next week. We've got the connection time, both face-to-face and online. You've got on your seats the coupons, to make sure that you get the very best prices on the content. And then right outside you've got the resource kit, and then Windows Server 2008 R2 and Windows 7 release candidate.
The potential lives here. Thank you very much for the partnership. (Applause.)