Adventures in home working

I have Office 2007 running now on my Tablet and Laptop, both running XP,  but my desktop machine (2003 server) is not something I would risk putting Office 2007 on yet, mainly because I collaborate with too many people who are on previous versions of Office.  At least that was my logic until last night when I finally got around to installing SVS from Altiris.  Here is my step by step experience:

First try

• Terminal served into my desktop (2003 server remember) as admin
• Installed SVS
• Rebooted
• Tried to install Office 2007 in a layer, a layer is an SVS term that describes a way of isolating an application (by means of a file system redirector) from any dependencies on your PC and also isolating your PC from any changes that the application tries to make.  In other words – its safe!
• Install failed,  which is perhaps not surprising as I already have close to a hundred applications installed including OneNote 2007 and Altiris recommend installing on a clean machine.
• Started again

Second try

• Created an XP SP2 Virtual machine using VMware 5.5
• Installed all patches and VMware tools
• Installed SVS
• Rebooted
• Installed Office 2007 into a layer, worked fine
• Exported the layer to network drive (failed)
• Exported the layer to the VMware Virtual drive (worked)
• Copied the exported file to network drive
• Terminal served into my desktop (2003 server remember) as admin
• Imported the exported file into a layer on my desktop
• Activated the layer
• Went back to my normal user account
• Double clicked a PowerPoint file,  PowerPoint 2007 opened and ran fine (very limited testing)
• Clicked on PowerPoint 12 icon in Start Menu, worked fine (very limited testing)
• Went back to my admin account
• Deactivated the layer
• Double clicked on a PowerPoint file, PowerPoint 2003 opened
• Note: In the above activate and deactivate actions I did not need to log-off or reboot

So I now have Office 2003 installed on my desktop, and office 2007 available as a layer that I can activate as required.  I am impressed enough that next time I rebuild my desktop,  I will probably install all applications as layers,  although except for testing out new applications I don’t think I will use SVS extensively until then.  I will also look forward to some admin utilities being developed that allow me to copy files around between machines or do bulk imports and activates, so that maintaining multiple machines and rebuilding them becomes less of a chore.  Of course Altiris has enterprise scale tools to do this,  but I only have 9 physical PC’s on my home network

Consumerization is a term that was coined by Doug Neal of CSC to describe the fact that enterprise IT is being disrupted by the combination of tech savvy employees who make high levels of personal investment in IT and have access to a whole raft of web 2.0 applications via the Internet. Gartner are also now vocal on the trend.  The challenge faced by enterprise IT is how to unleash the creativity and leverage the investment of their employees whilst at the same time retaining control over key applications and data.  There are a few popular approaches that seem to be getting traction:

Operating System Virtualization:  users have one PC (virtual or physical) that’s their’s and they can use it for whatever they want (within reason) and another (again physical or virtual) that’s managed by the enterprise.  The flow of data between these two machines is controlled via firewalls, AV etc.  The most popular configuration with users is to have the enterprise PC as the virtual PC,  not surprisingly the most popular configuration for enterprises is the converse.  The combination of VMware free player, Microsoft’s low cost (no additional cost for MSDN subscribers) Virtual PC and hardware support in future processors from Intel and AMD is making this increasingly practical.

Application Virtualization: users have one PC that is under their control but enterprises provide isolated applications that can run on top of an application virtualization layer.  In this mode the enterprise can be assured that their application configuration can not be compromised by applications that users install (apart from drivers) and that they can deploy, activate and de-activate these applications quickly and simply.  Application Virtualization will often even allow multiple versions of the same application to run concurrently on the same machine.

Enterprise Portals: users have a PC that is under their control, and access all key applications and data via an enterprise portal.  Such portals normally provide support for a wide variety of application types including Web, Java, and Citrix.  Its not a stretch to imagine these portals also being the access point for downloading applications that run on the application virtualization platform described above.

SSL VPNs and network access control: SSL VPN’s are rapidly replacing IPSEC VPN’s as companies move to an application access rather than a network access model.  Many SSL VPNs include network access control capabilities that involve an agent being downloading and scanning the PC to make sure that it meets enterprise criteria (patches, AV, firewall configurations) prior to the connection being established.  This capability is often combined/integrated with Enterprise Portals.

Network contraction: a few years ago it was common for the only firewalls in an enterprise to reside at the perimeter of the WAN.  An increasingly popular model is to protect the enterprise applications in the datacentre with firewalls and also to protect PC and workstations as well.  In some companies they are dispensing with the WAN altogether and PC’s running local firewalls effectively live on the Internet or behind commodity firewalls, and the enterprise perimeter has contracted to surround just the datacentres.  These datacentres often publish all of their interactive services via an Enterprise Portal as described above, and control connections to that portal using an SSL VPN and network access protection.

Personal Allowances: The final piece of the puzzle for me is how to handle the merging of business and personal use that we are increasingly seeing.  The model that appeals most to me is the allowance model.  Provide employees with all software they need for core business processes and a role specific allowance to invest in everything else including phones, displays, desktops, portables, tablets, productivity software, home networking etc.  Define standards and publish best practices to help people make sound decisions and to help them be as productive as possible, allow employees to supplement the allowance with their own money if they want to.  Because individuals then own the devices it also looks like employees will take on more – if not all - responsibility for acceptable usage compliance.

The way you deliver applications to your clients is the fundamental issue of debate in this article.  Web client, Server Based Computing, Smart Clients, Thin Client computing, Consolidated Client Architectures are all terms that are used and misused in this context.  This article attempts to just cover the key concepts, talk to me or comment if you want to discuss further.  This is a an article I wrote a couple of years ago, but I thought it was worth a repost as it complements a previous post where I commented on a useful discussion by Brian Madden.

It’s very important to note that Server based Computing is not the only approach, this document discusses all of the mainstream and the main evolving approaches.  However because Server based Computing is the most popular generic term in use it has been reused here.

What problem is Server Based Computing trying to solve?

First we need to understand the issues we are trying to solve with these technologies:

• Installing applications on many client devices is difficult for a whole host of reasons but mainly because:
• the clients are not all exactly the same so what works on one does not work on all
• its difficult to predict who needs which applications
• some of the people we want to use our applications use client devices that are not under our control, so we are not able to install software on them
• it takes time and effort to package up an application in such a way that it can be automatically deployed and does not conflict with other applications or the PC operating system in undesirable ways
• Installing applications requires administrative privileges on the PC, most companies do not allow users to have these privileges because of the security, acceptable use compliance management and TCO implications.
• Once an application is installed it needs to be maintained with bug fixes, configuration changes and new versions
• When people move location, visit another location or work from home they want to be able to continue to access their environment
• When PC hardware fails people want to be able to just plug in a new machine, or sit at the desk next to them and carry on
• Deploying applications to many PC’s takes time, introduces risk, and costs money; these three factors create an inertia that resists change.  The result is the client software gets out of date, or different versions exist on different machines resulting in inflexibility.
• In environments where theft is a risk, PC’s are very attractive targets!
• Using appropriate technology SBC can provide desktop platform independence, and increase the usable life of desktop equipment.
• Eliminates the need to upgrade desktop hardware in order to support new applications services or upgrades.
• Using appropriate technology the solution can provide more predictable WAN utilisation.
• Centralised processing resources can be rapidly reassigned during temporary periods of increased utilisation of business critical application services. This mitigates the need to procure additional equipment to accommodate these periodic peaks in utilisation, for example year end processing.

Why do we continue to deploy PC’s

These problems are pretty serious ones, so next it’s important to understand why we still often deploy PC’s:

• Many applications do not work, or are not supported unless they are running locally on a PC
• Many applications can only be cost effectively deployed on PC’s
• We have automated management tools, packaging tools and conflict resolution tools that help us get closer to the objective of managing thousands of PC’s with a similar fixed cost to managing hundreds and a very small variable cost per extra PC.
• Many applications integrate at the client, so multiple applications delivered from different servers do not provide the same user experience
• Users often get confused by the extra complexity of some alternatives
• Some people need access to applications when they don’t have access to the network, or that connection is too slow or un-reliable

Where is Server Based Computing most popular today?

Despite some of the issues raised above Server Based Computing  is increasingly popular, and very popular for certain scenarios:

• Delivery of applications to clients that are unmanaged or managed by a third party
• Delivery of line of business applications to large numbers of casual users
• Delivery of software for test and evaluation
• Rapid, on demand deployment
• Rapid removal of application services
• Delivery of applications to unsupported locations like branch offices
• Delivery of applications to hostile environments, or high theft risk environments, or environments needing maximum flexibility
• Delivery of applications to task and Structured Task Workers with a small number of applications and well defined processes
• Enforces “business use only” disciplines
• Centralised data management and security
• Provides the flexibility to, rapidly, and securely enable access to business applications for external business partners or new business units, without having to invest in additional infrastructure.

What are the alternatives?

There are however a wide array of technologies that solve these problems, it’s worth restating the basic approaches to solving the traditional PC application delivery problem:

• True thin client.  Make the client device as simple as possible, ideally stateless, i.e. you can plug in another one and it will just work.  Don’t allow any applications to execute on the client, just allow presentation.  In this alternative all applications are server based.
• Re-buildable client. Maintain a record of the desired state of a device on a server, if a device fails for whatever reason then its ‘state’ can be recreated fairly rapidly from the server.  Many systems management tools allow this and Operating Systems are getting better at this all of the time .  In this alternative applications can be delivered using all of the techniques described below.
• Connect to your PC from anywhere, rather than run all of your applications on the server, its possible to use a traditional PC most of the time.  However when you are at home, or working at another business location connect over the network to your PC, and use remote display technologies.
• House your PC in the data centre, solutions are emerging that allow users to connect to an individual PC, (blade format device), housed in a data centre.  The PC system unit is accessed over the network.  If your PC fails its easy to swap to another.  This option is commonly described as Consolidated Client Infrastructure or CCI.
• Execute applications on the server, and run the minimum client side code to render the display and manage keyboard, mouse and peripheral connectivity.  X Windows, Windows Terminal Services and Terminal Emulation products all fall into this category.  More than 80% of Windows Terminal services and Citrix deployments are actually delivering applications to Windows clients rather than thin clients.
• Download web pages and scripts in real-time.  Clients that allow simple presentation and sometimes validation code to execute on the client, but download the application in real time, every time you need it .  The key thing is no change to the configuration of the client is needed for the application to download and run – many web applications fall into this category, the vast majority execute JavaScript/JScript on the client.
• Download applications that rely on client platform extensions.  Clients that have some fairly rich set of standard services installed that let application code be downloaded in real time execute safely, normally in the browser, but not as general purpose as .NET and Java.  Internet Explorer itself falls into this category as it includes significant functionality that’s not pure HTML and CSS .  Flash and other Active X controls or alternative Plug-in standard are more obvious examples.
• Download complex applications in real-time. Allow more complex application to execute on the client, but download the application in real time, every time you need it .  The key thing is no change to the configuration of the client is needed for the application to download and run, the applications are self maintaining, i.e. new versions are downloaded in real time from the server. Java applications and some Microsoft.NET Framework v2 applications using ClickOnce  deployment.

There is a variant of this option, where the application does change the configuration of the client, these applications often provide tight integration with the operating system, high performance graphics, integration with local peripherals etc.  However they are still deployed in real-time and self maintaining .

• Store the file on a file server, but execute it on the client.  Some applications will work that way, but often applications need to be installed on the client to run correctly.
• Package an application in such a way that it is installed in real-time when a user first invokes it.  Some Linux Distributions and SoftGrid for windows provide specialist tools to achieve this that provide application isolation features and optimise the packaging to minimise download delays.  These products also ensure that the configuration of the PC operating system is unchanged, ensuring that other applications are not affected by the installation and that the application can be automatically de-installed.
• Manual Installation.  manually install an application by running an installation script, a refinement of this is to provide some form of on-line catalogue from which people can download and then install applications.  For most applications (see above for different approaches) the application will change the configuration of the client (create shortcuts, install files into shared areas, change the registry) and will therefore require administrative priv.
• Push installation.  A refinement of the previous approach,  applications are automatically distributed to the persons PC using an automation tool (SMS, Unicenter, LanDesk) and the system executes the installation in the background.  The decision to distribute the application may be manual (a list of PC’s) or may be based on the PC being identified automatically as the result of matching a query (all Thinkpad x23s), being added to a group (everyone in finance) or a some other policy (everyone at location B).  A refinement of this is publishing; where a stub is installed which shows the applications icons, file type registrations etc.  When the application is first invoked it is installed on demand.
• Application appliances or virtual machines.  Using a technology like VMware Player a whole operating system and set of applications can be installed by copying a file, (or couple of files) to the PC.  This virtual environment may contain a whole managed or unmanaged PC in which case all of the above application delivery discussions apply equally to the Virtual PC.  However the Virtual PC may in fact be thought of as an application (or an appliance), examples might be a Virtual PC that is actually a complete functioning database server, or proxy server, or isolated (hence safe) web browsing environment.  using VMware ACE it is possible to provide PC appliance that is configured and locked down to provide very well defined role.

Which of mix of these approaches fits your business need will depend on trading off performance, flexibility, usability and cost.  It will also depend on your application portfolio and which of the approaches your applications support.

I get very encouraged when I hear IT people worrying about the way people actually work, and even more so when they realise that the IT industry has not taken this issue seriously enough.  IT people too often think in terms of features and not in terms of real-world business scenarios.  Stu Downes provides a perfect example on his blog where he describes the complex workflow relationship between Executives and Assistants,  when you think about how the software (Notes and Outlook for example) supports this workflow it makes me cringe.

Although I have no solutions I think we need to start thinking more about scenarios and processes than requirements and functions.  As an example I wrote up a typical personal information management process,  my intent (in summary form) was to demonstrate how to start thinking about the whole end-user experience and not just about specific service elements.  I also think we need to start thinking more about how we accommodate the needs of different personality types.

In my company we use the term Workstyles to describe this approach, and we are thinking in terms of the end-user experience, and not just the services that compromise it.  I think it’s a step in the right direction, particularly for infrastructure services where customers often don’t know what they want.

Monad is the next generation of the Windows Shell,  I was expecting it to ship in Windows Vista but there seems some doubt about that now.  However it is expected to ship as part of Exchange 12.  The Exchange team have taken Monad the engine and more importantly the “concept of use” and implemented the entire Exchange 12 UI on top of Monad cmdlets,  this means that anything you can do from the UI you can do from the shell.  Imagine how powerful the Windows environment will be if every element of the Windows and application Admin UI’s becomes not just automatable but discoverable in this way.  You can find out more about Monad and Exchange here and my posts on Monad here.

Of course Monad goes way beyond the capabilities provided in a UI as these Exchange 12 examples show:

# Set the send quota for ALL mail enabled users in the DL called “RemoteUsers” to 1000 KB
Get-DistributionGroup “RemoteUsers” | Get-DistributionGroupMember | Set-Mailbox –ProhibitSendQuota 1000

# Mount all mailbox databases on server HONGKONG1
Get-MailboxDatabase –server HONGKONG1 | Mount-Database

# Only remove storage groups that contain the word “temp”, with confirmation support
Get-StorageGroup | where { $_.Name –imatch “temp” } | Remove-StorageGroup –confirm

# move ALL users from server PORTLAND to the TUCSON server, database “DB1”
Get-Mailbox –server PORTLAND | move-mailbox –targetDatabase “TUCSON\DB1”

and IBM’s vision for its equivalent Office System using OpenOffice.org as the client.  I am also interested in tracking integration between Microsoft Office and Domino/Workplace.  Stu is my guru in this area.  I am off to Redmond next week for 3 days on the Office System v12 and meeting some of the Product Managers on Friday so it will be interesting to compare.

I recently listened to a lecture by Thomas Malone on the “New world of work”, I enjoyed the lecture although the material in it was not too surprising.  That said the implications on IT are considerable as the old concept of a single infrastructure for all of an enterprises employees starts to collapse as those employees become a fragmented mix of oursourced, contractors, suppliers, small isolated teams in internal markets etc.  Tom describes 4 models for the future of the distributed workplace:

1. Loose Hierarchies — with flat organisation structure and substantial autonomy granted to individual business units, subject to overarching principles, review and budget control (e.g. consultancies, universities, technology developers)
2. Democracies — where all employees, or all managers, get an equal vote on some or all key corporate decisions
3. External Markets — where most of the non-executive jobs are outsourced to independent businesses and contractors, so all ‘employees’ essentially become ‘suppliers’, with the commensurate rights and autonomy
4. Internal Markets — where each business unit, and even individuals within business units, contract with each other as if they were dealing at arms’ length, so, every business unit and every employee acts much like an autonomous business

To get a good overview of the topic check out David Pollards review, and comments

A keynote by Tom available on IT Conversations

An article in CIO magazine – the decentralization imperitive

Tom’s book The Future of Work: How the New Order of Business Will Shape Your Organization, Your Management Style, and Your Life 

Here is a summary of the book:

We are in the early stages of an increase in human freedom in business that may in the long run be as important a change for business as the change to democracy was for governments. New technologies are making it possible for the first time in human history to have the economic benefits of very large organizations and, at the same time, to have the human benefits of very small organizations, things like freedom, flexibility, motivation and creativity. Information technology is reducing the costs of communication to such a low level that it’s now possible for huge numbers of people even in very large organizations to have all the information they need about the big picture to make their own decisions for themselves about what they do rather than waiting for people above them in some hierarchy to tell them what to do.

This article describes numerous uses for RSS that go beyond the ubiquitous blog.  It’s an interesting read, especially because it confines itself to implemented uses, rather than the hundreds of uses we can envision.  On a related note I noticed this quote in an article by CRN:

Microsoft partisans imagine a day when business users get realtime pings on their Office desktop software whenever their ERP systems detect inventories below a certain level. Beneath the covers, that simple-looking alert will rely on a confluence of technologies, including Office desktop applications, Microsoft’s planned “Maestro” realtime reporting server and a back-end SharePoint Portal/Excel Server combination.

Decidedly “RSS like” capability although probably not using RSS as the format.  The same article goes on to describe some of the conditional alerting that would be enabled by Excel Server:

“You’d set up an Excel model on the desktop, export it to the server, bind it to a [database] or, via Maestro, to an application source,” he said. “The model runs constantly on the server, feeding updated dashboard data via new Office 12 tools or a [business intelligence] tool. Or [it can] send you an e-mail or an instant-messaging or a VoIP call.” Microsoft, Redmond, Wash., declined to comment.

Microsoft has started to talk up Longhorn again, so they must be getting more confident as we move towards the release of the beta.  Here are some of the main articles and interviews, and my extracts and observations.  My overall observation is that these articles show a very feature driven view of Longhorn.  Not at all the experience driven vision that was presented at the 2003 PDC.  Hopefully this is just because Microsoft are only talking about specific features they feel confident to discuss right now.  As the whole Longhorn wave of Operating System, Office tools and third party applications begin to be talked about we will see a real step forward in the user experience.  However I don’t think we will really see the vision until we see the client and server vision coming together and by that I mean.

• Longhorn Client and Longhorn Server
• Office Client and Office Server
• WinFS Client and WinFS server and a WinFS integrated SharePoint Server
• Longhorn Client Security integrated with the federated and peer group security features we see glimerings of with ADFS and Groove
• Office Communicator and Live Communications Server extended with Groove like peer group collaboration
• Groove like capabilities built into Longhorn and Outlook (Groove needs to disappear)

For discussion of some of the above, check out previous posts on Longhorn

First up is IT World, and an article Microsoft more open about Longhorn features

The initial comments seem pretty unimpressive:

Users will not have to worry if they will be successful when plugging a projector into a Longhorn-based laptop for a presentation, Allchin said. Also, Longhorn-based computers will instantly connect to a home network and recognise peripherals, such as printers. “It takes magic to figure that out today,” he said.

Then we get onto something a bit more interesting:

Longhorn will also have a feature designed to protect data on a PC. “We will have something called secure startup where if you lose your laptop it won’t make a difference because somebody can’t load another system on there to analyse your hard disk,”

This laptop security, feature sounds pretty good, particularly if “it won’t make a difference” is actually a real promise and there is no easy work around.  Also continuing the security theme:

Internet Explorer will run in a “protected space” so it can’t impact the rest of the system, while those guards can be dropped when connected to a corporate Intranet, he said.

Then some good news for enterprise customers:

“We have brand new technology for imaging that will dramatically reduce the number of images required,” Allchin said. This should help make Windows more manageable and reduce operational costs for businesses, a major focus for Longhorn, he said.

and finally a little update in dates:

The final version of Longhorn is scheduled to be broadly available in December 2006. At that time, WinFS, the unified storage system that was clipped from Longhorn last August, will be in beta testing, Allchin said. There is no target date for a final version of WinFS, he said.

Then Information Week with an article Building A Case For Longhorn

In this article we get more about the UI improvements, pre WinFS, which sound a lot like the functions we saw in the WinFS demo, but without the “hidden depths” that WinFS promises. 

Even without WinFS, Longhorn will let users stack, rearrange, filter, and create lists of PC files, including multimedia files and RSS (Really Simple Syndication) feeds. Improvements in data visualisation will go beyond today’s search capabilities, Allchin says.

I just hope that these features are more than shell deep, ie that they are exposed at the file system level and therefore available to all applications including the shell.  This seems to be the way that Tiger’s search is implemented and the unified experience that the Open Source beagle search tool provides.

Again the uninspiring “Everyday challenges such as finding a new printer or connecting to a projector will be hassle-free for users”, it would be nice to see some of the scenarios enabled by WS-Discovery being described instead.  Also the widely reported auxiliary displays is mentioned again “One cool new capability will be “auxiliary displays” that let a mobile user view, say, her calendar even when a laptop is turned off” I think this will be a useful feature.

Next CRN with an article Allchin Talks Turkey About Longhorn

Some interesting snippets came out here, I especially liked the mention of a sync manager that can “run more seamlessly between work and home and understands the environment” this is a key issue in a business environment increasingly driven by consumerization.

We’ll have a sync manager in Longhorn to simplify that sync process for phones and other machines. It’s [not ActiveSync 4] but a new version of synchronization, a brand new system being done for Longhorn and will have a whole set of wireless support so it can run more seamlessly between work and home and understands the environment

then a bit more info on the search capabilities, which gets me worried that its a visualisation level capability, not something backed deep into the operating system, we will see:

It’s a much richer view capability built into Longhorn. Visualize and organize goes back to Cairo [an old Windows NT project]. The indexing technology that’s in XP and in Windows 2000 is a follow-on of Cairo technology. We have continued working on that technology and it’s used by MSN search but it’s been in the operating system for awhile. [With Longhorn] it is dramatically improved.

Then a little hint about new Orchestration facilities, which I assume will be leveraged by future versions of Office and SharePoint:

WinOE Workflow won’t be in the Longhorn client and the current path is it will be available on the server. Nothing here is tied to WinOE on the client.

Then music to my ears, at the PDC we heard a good message about backward compatibility, illustrated by Visicalc, as an enterprise architect I know that applications are at the heart of decision making around the client platform.  I reported here how important I think applications are to Longhorns success. 

Then we have a bit more about Secure Start-up, its not clear whether it includes transparent encryption or not:

You can tell by using the [Trusted Platform Module] 1.2, what the software is that should be run on the machine and being able to protect all your data. The end-user value we’re trying to achieve is that if you lose your laptop in a taxi, for example, if they load another OS on it, they will not be able to get at your data. That is the end-user value and that is part of Longhorn and one of the steps along the way that is part of the Next Generation Secure Computing Base [NGSCB] that we’ve talked about for some time.  NGSB is the vision. The specific feature we’re talking about is from that vision and is part of Longhorn.

For me its clear that Longhorn must first succeed in the home so its nice to see this comment:

It must be easy to deploy at home, either adding a new machine to an environment at home or replacing a machine and migrating information from one machine to another

We know of course that there is plenty of work going on to enable users to run as normal users and to only access admin priv levels when they need to.  I achieve this today by running Windows 2003 server and having a separate Terminal Server session running as admin.  This web site explains how to do it on XP.  In Longhorn ….

Longhorn will run as standard users, instead of admin [users]. Today in most installs, a large majority run as admin, so everything on the machine has full rights. Longhorn will run as a standard user, with limited user rights that can’t impact the operating system or the user.

For example, if you would try to access something, you’d be prompted to elevate your privileges. Beyond that we have work going on to isolate even the new standard-use level so Internet browsing can run in a more isolated environment and, as necessary, switch from Intranet to Internet in a seamless way. The probability of contamination from working on the Internet and having it contaminate the Intranet is dramatically dropped.

sounds like SU on Unix/Linux!

and no AV

The current plan is to have no A/V. And we have said we do plan on putting in anti-malware protection. This IE isolation is a classic example of what we’re doing here. A/V would come as part of an enterprise offering or as part of A-1.

and PC Mag with an article Microsoft Reveals Longhorn Details

A few extra tit bits in this article, first the mention of a Virtual File System, so maybe we will get virtual folders at file system level after all:

Sitting underneath all this will be a “virtual file system,” helping ease application compatibility issues that arise from low privileges on today’s systems.

This is very interesting,  sounds like a combination of the Windows 2003 Server Volume Shadow Copy and Data Protector functions are migrating to Longhorn:

System restore will now include user data as well, and there will be a new backup system to protect your data and do things such as writing incremental file changes to another disk.

I am a very big advocate of optimising around the end to end customer experience, rather than optimising from a technology or service perspective, it sounds like Microsoft take that view as well:

Microsoft characterizes the different ways people use the system—at work, at home, or on the go—as “experiences.” I was particularly intrigued by some of the changes designed to make Windows a better mobile operating system. Among the new features planned are instant-on, wireless projecting of information, tools to help it better understand different network environments, and support for auxiliary displays (imagine a laptop with an LCD on the outside cover, so you can still see your next appointment even when the laptop is closed.)

Incredibly Allchin said – when referring to search – “This is the original Cairo concept,” he said, referring to an operating system Microsoft promoted years ago.”, well its not the concept I remember, I remember an Object File System, not an indexed file system!

Jon shows off the amazing possibilities enabled by google maps, combined with GPS and provides a great example of multi-format screencasting as well.  Screencasting is going to be big news!  This link shows how he made it work.