This is part two of recommendations from the VMworld on-demand library. Applying Software Design Patterns and Methodologies to Your IT Services (CNA2141BE) SRE is the practice of leveraging software development principles for running and managing infrastructure, operations, and applications. Super interesting concept session that covers methodologies that originated with google to ensure site or service …
Continue reading “VMworld – On demand video recommendations 2”
Ron Fuller, double CCIE, co-author of NSX Fundamentals Live Lessons and NSX Essentials book, dives into one really powerful aspect of NSX, the distributed firewall and how policies can be created. The separation of network traffic has been fundamental to security compliance, for years we have been achieving this primarily through vlans and portgroups, switching …
Continue reading “VMworld Sessions – Practical NSX Distributed Firewall Policy Creation”
One of the typical questions when considering NSX deployments is who should be the administrator? However this is often a two horse race, between Network and Virtualization Systems Administrators. Although NSX is SDN (software defined networking), the driver behind much of what it does is due to security requirements, using vlans to segregate layer two networks, …
Continue reading “VMware NSX Security Features – Who should pay for them?”
Centralized logging will can be done by deploying a syslog server and using this to collect and manage logs. An easy option is to install the syslog server bundled with the vCenter installation, in this post I’ll walk through configuration on a Windows box, an discuss some of the caveats of this approach. This install …
If you are going to be logging to disk, either local or a shared volume. PowerCLI can be used to set individual hosts log values for log size and rotation, do the math so you are sure your disk will always have space. For example: if you set log size to 10 MB and 32 rotations you …
Continue reading “Security Audit – Get and Set host logging”
By default, the logs on VMware ESXi are stored only in the in-memory file system [scratch file], and are lost upon reboot. There are two options to save logs so that a dedicated record of server activity is available for each host. Persistent logging to local or shared storage (datastore) Configure the syslog service to …
Continue reading “Security Audit – ESXi Persistent logging Overview”
Hypervisor Retention of Logs on Disk Logs are not saved according to a period of time, but according to size, so once the log gets to X size a number is appended and a new log created. The number of logs saved is the rotation – 16 rotation = 16 logs saved. For hypervisor logs …