Category: News

New free tools section is open

This one is long overdue, I had a section created on my website a year ago that correlated to a link in my book, Maximum vSphere that listed all the many free tools that would be useful to a VMware administrator. But I had forgotten about it until recently so I scoured the internet for free tools and put together a big list of them. The table currently has over 80 tools and is sortable by category, name and vendor to help you go through them. If there is anything missing be sure and let me know.

Click here to access the Free Tools section of vSphere-land.com

Share This:

How to avoid VDI boot storm problems using SSD

Desktop virtualization, or virtual desktop infrastructure (VDI), can bring many benefits to an IT organization, including easier system management and centralized security and data protection. But the storage environment that supports VDI requires some careful planning to avoid the problem of VDI “boot storms” — big slowdowns that can occur when a lot of users log into the system at the same time. There are a few options for addressing the problem, but the one that makes the most sense relies on tactical placement of solid-state drives (SSDs).

The problem of VDI boot storms is a fairly straightforward one. Virtual desktop workloads are predictable; they’re based on the work hours of desktop users, which typically run from about 8 a.m. to 5 p.m. each workday. The overall storage I/O that an average virtual desktop generates is quite low compared with that of a server workload, and so the density of desktop virtual machines on a host is typically much greater than with server virtualization. Conversely, the initial startup of a desktop is very resource-intensive, where the operating system and applications do a large amount of reading from disk while loading and executing.

A boot storm occurs when many virtual desktops all boot up during a short window of time (for example, between 8 a.m. and 9 a.m.), which causes intense concentrated storage I/O that can easily overwhelm a storage subsystem. If the storage subsystem isn’t designed to handle the heavy I/O load, you can effectively end up with a denial-of-service attack on your storage subsystem.

Read the full article at searchvirtualstorage.com…

Share This:

Upgrading vSphere: Concerns and methods for VARs

This chapter excerpt on Upgrading to vSphere (download PDF) is taken from the book Maximum vSphere: Tips, How-Tos, and Best Practices for Working with VMware vSphere 4. Solution providers can use this book to learn about vSphere 4 storage, networking, performance monitoring and advanced features such as high availability, distributed resource, distributed power management and Vmotion.

If you have an existing VI3 environment, at some point you’ll probably want to upgrade it to vSphere. Before jumping right into the upgrade process, though, there are many considerations and requirements that you should be aware of. Once you are aware of everything you need to know, you should then put together a plan for how you are going to proceed. Upgrading to vSphere is fairly straightforward, but there are many gotchas that can make the process more difficult. To avoid surprises during the upgrade, you should properly prepare and know all the steps so that your upgrade is trouble-free and uneventful. In this chapter, we will cover considerations and steps for upgrading your existing virtual environment to vSphere.

Compatibility comparisons
There are many things to consider when upgrading your VI3 environment to vSphere, such as hardware and software compatibility and upgrade methods. You should spend some time researching this to ensure that you have all your bases covered beforehand. Finding out after you upgrade that some of your management tools are not compatible with vSphere can make things very difficult. Upgrading is a much simpler process than downgrading, so make sure you consider everything before beginning your upgrade.

Hardware compatibility
Your server and storage hardware may be supported in VI3, but don’t assume that it’s supported in vSphere. Check VMware’s online Hardware Compatibility Guide to make sure all your hardware components are supported in vSphere. This includes servers, I/O adapters, and storage devices. You may be able to get away with using servers that are not listed in the guide, but it’s critical that your I/O adapters and storage are listed. Refer to the Importance of the Hardware Compatibility Guide section in Chapter 11 for more information on this. The other consideration that you need to be aware of in regard to hardware is the requirement for 64-bit hardware. See the section Selecting Physical Host Hardware to Use with vSphere in Chapter 2 for more information on this.

Read the full chapter excerpt at searchsystemschannel.com…

Share This:

Five ways to maximize VMware hypervisor security

For better or worse, administrators usually accept the default VMware hypervisor security settings.

VSphere is fairly secure, but VMware security breaches can still occur. Careless mistakes and questionable administrative decisions can weaken infrastructure security — especially if IT pros are more concerned about management convenience than about hardening the hypervisor, hosts and virtual machines (VMs).

To help prevent snafus, here are five ways to maximize VMware hypervisor security.

Firewalls prevent VMware hypervisor security from getting burned
Physical firewalls protect servers and devices directly connected to physical networks, but they aren’t always effective at protecting VMs connected to virtual networks. So use virtual firewalls in conjunction with physical firewalls to ensure that network traffic is secure at every level and nothing slips through the cracks.

Sometimes, virtual machine network traffic doesn’t leave the host or travel over a physical network. Traffic between VMs on the same vSwitch and port group remains inside the host. It travels in the host’s memory, through the virtual network — rather than over the physical network. As such, it’s outside the physical firewall’s protection zone.

Read the full article at searchvmware.com…

Share This:

VAR concerns and considerations for handling vSphere security: FAQ

Keeping your customer’s physical environment secure is more straightforward than dealing with security in a virtual environment. There are a number of hidden risks and concerns that solution providers need to be prepared for before fielding customer questions about vSphere security.

Virtualization expert Eric Siebert breaks down what you need to know about securing your customer’s vSphere environment, including Payment Card Industry Data Security Standard (PCI DSS) concerns, anti-virus software and ESX firewalls. Siebert also explains which third-party virtualization security products and vendors can be useful to solution providers.

How does security in virtual environments differ from physical environments?

Most of the security-hardening techniques that solution providers would normally use in physical environments apply to virtual environments as well. These techniques are typically used at the guest operating system (OS) level, which is no different in virtual environments. There are, however, other security areas that you need to be concerned with inside virtual environments that don’t exist with traditional physical servers.

Solution providers need to recognize that the host opens up more attack vectors inside virtual environments, with the biggest being toward the ESX Service Console and the ESXi Management Console. These consoles run as privileged virtual machines (VMs) on the host and hold the keys to accessing any VM on the host. There are a variety of methods that can be used to access a host, including Secure Shell, vSphere Client, scripting application programming interfaces (APIs) and Web browser access. All of these access points need to be properly secured to protect the host and its VMs.

Read the full article at searchsystemschannel.com…

Share This:

VMware backup software and a vSphere backup solution checklist

If you’re shopping for a new VMware vSphere backup tool, there are many things you should take into account when deciding between the different VMware backup solutions on the market. Buying backup software for a virtualized environment is more complicated than buying software for traditional servers because the virtualization architecture changes the way backup and recovery is performed. In this tutorial, we look at the questions you’ll face when choosing VMware backup software. Then, you can download our free VMware backup solution checklist.

Does the backup software support virtualization?

The obvious first question you need to ask is if the product supportsvirtualization and, if so, to what degree. Some vendors were slow to adapt their existing backup products to support virtualization, but almost all backup products today support it in some way. Other vendors like Veeam and Quest(formerly Vizioncore) developed backup products from the ground up specifically for VMware backup. When looking at backup software, check and see how deep the product’s integration with vSphere is, and if the vendor has fully embraced the virtualization architecture and the features that make backups more efficient in vSphere. It is possible to perform backups of virtual servers in the same manner as physical servers using a backup agent installed in the guest OS. However, this method is inefficient and can cause poor performance due to excessive resource usage.

Read the full article at searchdatabackup.com

Share This:

Five VMware security breaches that should never happen

VMware security breaches should not be taken lightly, especially now that there’s a spotlight on regulatory compliance and the shift toward cloud computing.

Virtual hosts house many workloads, and if an unscrupulous individual gains unauthorized access to a host, that person can potentially compromise all of its virtual machines (VMs). That means virtualization administrators should pay special attention to preventable VMware security breaches. There are several potential weak points where VMware security breaches can occur.

Making VMware security less like Swiss cheese

Out-of-the-box, VMware vSphere is fairly secure, but you can make it more susceptible to security breaches if you’re not careful with its configuration and remote-access settings.

By default, VMware disables many features that would make administration easier, and enabling these features weakens security. In ESX, for example, administrators typically enable Web user interface. And in ESXi, many IT pros allow access to the remote console through Secure Shell (SSH) connections. These actions may make your job easier, but they open up attack vectors for unauthorized individuals.

An even bigger vulnerability is the host’s management console. It’s the door to your entire virtual infrastructure, so don’t pass out many keys. Lock up the management console tightly and use it only when absolutely needed — which typically isn’t often. Other areas of concern are VM data stores, management and storage network traffic, virtual networking, application programming interfaces, VM-host interconnects, vCenter Server roles and permissions and third-party add-ons.

The bottom line: Know your weak points and make them secure.

Read the full article at searchvmware.com…

Share This:

Managing storage for virtual desktops

Implementing a virtual desktop infrastructure (VDI) involves many critical considerations, but storage may be the most vital. User experience can often determine the success of a VDI implementation, and storage is perhaps the one area that has the most impact on the user experience. If you don’t design, implement and manage your VDI storage properly, you’re asking for trouble.

VDI’s impact on storage

The biggest challenge for storage in VDI environments is accommodating the periods of peak usage when storage I/O is at its highest. The most common event that can cause an I/O spike is the “boot storm” that occurs when a large group of users boots up and loads applications simultaneously. Initial startup of a desktop is a very resource-intensive activity with the operating system and applications doing a lot of reading from disk. Multiplied by hundreds of desktops, the amount of storage I/O generated can easily bring a storage array to its knees. Boot storms aren’t just momentary occurrences — they can last from 30 minutes to two hours and can have significant impact.

After users boot up, log in and load applications, storage I/O typically settles down; however, events like patching desktops, antivirus updates/scans and the end-of-day user log off can also cause high I/O. Having a data storage infrastructure that can handle these peak periods is therefore critical.

Cost is another concern. The ROI with VDI isn’t the same as server virtualization, so getting adequate funding can be a challenge. A proper storage infrastructure for VDI can be very costly, and to get the required I/O operations per second (IOPS) you may have to purchase more data storage capacity than you’ll need.

Expect to spend more time on administration, too. Hundreds or thousands of virtual disks for the virtual desktops will have to be created and maintained, which can be a difficult and time-consuming task.

Read the full article in the March 2011 issue of Storage Magazine…

Share This: