Windows 7 / Getting Started

---

Modeling the Production Environment

The goal of the test environment is to model your production environment. The more accurate the production environment, the greater the validity of the testing performed in that test environment. Microsoft recommends the following best practices in creating your test environment:

• Use virtual or physical images of production computers to create their test environment counterparts. Virtual or physical images can help ensure that the test environment configuration accurately reflects the production environment. In addition, the images contain live information (such as users, user profiles, and file permissions) to use in testing.
• Separate your test environment physically from your production environment. A physically separate test environment enables you to use an identical IP configuration and helps ensure that tests conducted in the test environment do not affect the production environment. Using the identical IP address, subnets, and other network configuration information helps to ensure the fidelity of the test environment. However, duplicating IP addresses might not always be the best option when applications do not rely on a hard-coded IP address. You might also pass some network traffic through the router from the production environment to reduce the need for replicating network services. For example, opening the ports for DHCP to pass through eliminates the need for a separate DHCP server in the test lab.
• Ensure that your test environment is at the same service pack and update level as your production environment. Before performing application mitigation testing, update your lab environment by applying service packs and updates or by refreshing the virtual or physical images of your production counterparts. Consider adding the test environment to the change-management process to simplify tracking the updates.
• Ensure that you perform all your application mitigation tests by using accounts that have similar permissions as the accounts in your production environment. For example, if your organization does not allow users to run as administrators on their local computers, ensure that similar permissions are granted to users in the test environment. This process ensures that you can determine potential security issues.

Using the Standard User Analyzer

The SUA tool enables you to test your applications and monitor API calls to detect potential compatibility issues resulting from the User Account Control (UAC) feature in Windows 7. UAC requires that all users (including members of the Administrator group) run as standard users until the application is deliberately elevated. However, not all applications can run properly as a standard user because of access violations. For more information about SUA, see the Standard User Analyzer Usage document (SUAnalyzer.rtf) in the \Microsoft Application Compatibility Toolkit 5\Standard User Analyzer folder, where Microsoft Application Compatibility Toolkit 5 is the folder in which you installed the toolkit.

To test an application using SUA, perform the following steps:

1. Click Start, point to All Programs, select Microsoft Application Compatibility Toolkit 5.5, choose Developer And Tester Tools, and then click Standard User Analyzer.
2. In the Target Application box, type the path and file name of the application that you want to test by using the SUA.
3. In the Parameters box, type any command-line options for the application.
4. Click Launch. Exercise each of the application's features and then close the application.
5. Click through each of the SUA tabs, reviewing the detected issues.