Online Services Division (Bing, GNS, MSN, IPE,...)

1. Handling network failures is one of the most challenging tasks for Data Center operators. Different from the conventional failure diagnosis and repair process which requires significant human intervention, Our NetPilot technology mitigates failures by deactivating or restarting the suspect network devices without the need for knowing the exact root causes. By enabling automatic failure mitigation, Netpilot dramatically reduces the recovery time for common network failures. Our initial paper (NetPilot: Automating Datacenter Network Failure Mitigation) describing this system was published in SIGCOMM 2012 and we shipped as part of the Bing Metallica Release in June 2012

1. We performed a comprehensive analysis of the page load time in Bing to help uncover and explain strange effects such as Page Load Ttime (PLT) increase during off-peak hours and the impact of browser population and query type. These insights were used to develop a more precise and detailed alerting tool for PLT degradation.

1. In distributed file systems, when one storage node is congested both read- and write- traffic can be steered to other replicas and other nodes with empty space. If the on-set of such congestion is detected quickly, one can avoid needless queuing lags and improve overall store throughput. We helped design a predictor that uses current load and historical performance to predict the congestion status of storage nodes in Cosmos early. As a side-benefit, this also serves as a measure of application-perceived capacity of the distributed storage layer and a monitor of current usage and hotspots. Our technology is shipping in Cosmos clusters in Bing since December 2011.

1. Performant execution of data-parallel jobs needs good execution plans. Certain properties of the code, the data, and the interaction between them are crucial to generate these plans. Yet, these properties are difficult to estimate due to the highly distributed nature of these frameworks. We built the first reoptimizer for data-parallel jobs. It collects certain code and data properties by piggybacking on job execution and adapts execution plans by feeding these properties to a query optimizer. Our technology shipped in Bing's Cosmos clusters in December 2011. and it has significantly improved the response times on production jobs.

1. Laggard tasks signicantly prolong the completion time for data-parallel jobs. The causes for such outliers include run-time contention for processor, memory and other resources, disk failures, varying bandwidth and congestion along network paths and imbalance in task workload. We buit a system that monitors tasks and culls outliers by restarting tasks, network-aware placement of tasks and protecting outputs of valuable tasks. The result was a significant improvement of job completion time. Our technology is in production use across all of the Cosmos clusters in Bing since May 2010.

1. To answer some of the basic questions about real workloads we built NetTrace, a network tracing service for large data center clusters. This service collects low level networking logs (socket-level) and uploads to COSMOS. Processing the data yields a much better understanding of the traffic patterns of operational workloads and also helps diagnose whether the network or the application is to blame for poor performance. NetTrace ships as an autopilot service in Bing since 2009. We also shipped an analysis suite and Bing continues to invest in NetTrace, in their June 2012 release, they expanded the types of data captured, lowered resource consumption of the logger and are in the process of rolling it out as an always-on service.

1. We conducted a series of experiments to measure the DNS query resolution time for Bing. Based on these measurement we came up with a set of improvements to our DNS query chain. Worked closely with Bing we deployed these improvements and in the process reduced the median DNS query time by more than half of previous amount. More importantly, the 95th percentile was cut in half.

1. The MSN Publishing Platform serves billions of web pages a month. As they grew, scalability bottlenecks started to show up in their previous architecture. The Scalable and Consistent Caching (SCC) technology allowed them to solve these bottlenecks while maintaining the strict consistency semantics that content publishers expect, such as adding breaking news to a web page and all viewers seeing the updated content.

1. The Live Mesh data center services need to partition user data across a large number of servers. We designed and built the Partitioning and Recovery Service (PRS), which became their mechanism for doing this. The PRS made the development of the server code easier by providing a number of novel properties, such as strong consistency for soft state and guaranteed notifications to trigger state republishing. Microsoft's Live Mesh product won CNET's best technology innovation/achievement award.

1. We developed a technique which evaluates the risk to an organization based on patterns of user privilege and access. Attackers use accounts to compromise machines and use machines to compromise accounts. In the absence of explicit management to mitigate this risk, growth in jumping from one machine to another via a compromised account is exponential. In a test, corroborated by our graph-based analysis, we found that over 70% of the machines investigated yielded at least one account that granted control over 100 other machines on the next hop. Our system performs static analysis and generates pre- and post- incident reports for planning risk mitigation strategies. We shipped our technology in the Access and Security Division’s (ASD) ForeFront Product Suite.

Windows

1. Compared to laptops the new class of mobile devices, such as tablets and Surface computers, need to stay connected even when the screen is turned off. Keeping the Wi-Fi always on consumes significant energy. We designed a set of techniques that allows the Wi-Fi device to not lose its connection even when the screen is turned off and the processor (and SoC) is in a low power state. We accomplished this by reducing the Wi-Fi power consumption to a few mW in standby state. Our techniques shipped in Windows 8.

1. We helped design and evaluate a mechanism to adaptively control the network usage of a Virtual Machine (VM), analogous to equivalent controls that existed for CPU and memory. Our design includes a feedback loop that ensures VMs receive network bandwidth that is proportional to their share and that spare bandwidth is allocated among VMs that need it. Our VM Rate Shaper shipped in Windows 8.

1. We helped design the antenna placement on tablet devices. Since users hold tablets differently than laptops, existing antenna placement techniques (on the laptop’s screen) are not the most optimal for tablets. The placement of a user’s hand around the antenna might reduce the signal, and so can the orientation in which the tablet is held. We studied these phenomena in detail – in the wild and in antenna chambers – and made recommendations to the Windows 8 team, which were incorporated in the final design of Windows 8 tablets.

1. We designed a new variant of TCP, called Data Center TCP (DCTCP) to address congestion control issues in data center networks. DCTCP leverages Explicit Congestion Notification (ECN) and a simple mOLti-bit feedback mechanism at the host to reduce application latencies by overcoming network impairments such as queue buildup, buffer pressure, and incast. DCTCP was designed in close collaboration with the Windows Networking Team and it ships in the Windows 8 networking stack. The initial paper ( Data Center TCP) was published in SIGCOMM 2010.

1. We designed a technique to virtualize wireless LAN (WLAN) cards. With it users can concurrently connect to multiple Wi-Fi networks using a single WLAN card, thus enabling several novel scenarios. The original paper. The original paper ( MultiNet: Connecting to Multiple IEEE 802.11 Networks Using a Single Wireless Card) was published in INFOCOM 2004. Our miniport driver was downloaded by over hundred thousand developers and was one of Microsoft Research’s most popular software downloads. Virtual Wi-Fi first shipped in Windows 7.

1. We developed a technique ("Probe-Gap") to estimate the capacity and the available bandwidth of network paths based on end-point measurements. The problem was particularly difficult for cable modems and Wi-Fi networks because they do not have point-to-point links. For example, they employ mechanisms such as token bucket rate regulation; non-FIFO scheduling, and multiple rate. The initial paper ( Bandwidth Estimation in Broadband Access Networks) describing the problem was published in IMC 2004. Probe-Gap first shipped in Windows XP.

1. We designed the (first set of) NDIS WLAN OID for Windows 200 and beyond. Prior to our contribution Windows exposed a wireless LAN network adapter as an Ethernet network adapter. We enhanced the programming interface exposed by the Network Device Interface Specification (NDIS) and WinSock which then enabled novel wireless-aware and mobility-aware applications.

Servers & Tools Business (Azure, Systems Center,...)

1. Enterprise can save significant amounts of power by letting idle desktop machines go to sleep (S3). This behavior has been the default setting in Windows desktop for many years. However, users and system administrators often override this because they may need to access the machines remotely. Current wake-on-Lan technique are cumbersome, and do not always work on complex networks. We designed and built a wakeup service ("GreenUp") that works transparently – any time the user tries to remotely access a sleeping machine, it seamlessly wakes it up. This encourages users to save power. GreenUp scales up to large, complex corporate networks, by using a novel distributed leader election algorithm.

1. We designed this novel CLOS network architecture and it is now the design of choice for Windows Azure. For a better description, please take a look at our product contributions with the same title under "Online Services Division".

1. We designed and built a plugin (called an “expert”) for Microsoft Network Monitor (NetMon) that helps analyze TCP traces. It uses several sophisticated heuristics to answer the key question “what limited the throughput of this TCP connection”. Apart from answering this question, the plugin also allows the user to visualize the connection in a number of different ways. Our plugin has been downloaded thousands of time, and is one of the most popuLar NetMon “experts”.