Azure Security and Compliance: Virtual Cloud Defense (VCD) Released to General Availability
Posted by Augusto Alvarez on
November 28, 2016
If you’ve been talking to customers about a cloud, no matter what platform, I’m pretty sure that you heard from almost any of them that one of their major concerns about the public cloud paradigm is security. Especially when you are talking to the public sector or private companies, like financial institutions, where their entire business relies on their workloads and users secure environment.
Azure Government represents an isolated version of Azure dedicated to these customers, where most of the Azure features are available under strict compliance rules. In order to enhance this service, Microsoft released recently to GA (General Availability) a key component of the Azure Government service: Virtual Cloud Defense (VCD).
The unknown microwave networks
Posted by Oksana Zybinskaya on
November 17, 2016
Recently, it became known that there is a private, mysterious network stretching between London and Frankfurt that is twice as fast as the normal Internet. The connection, provided by a series of microwave dishes on masts, was completely secret to anyone but one company. Only when a competitor completed its own microwave link between the two cities, the first company revealed that it too had a link between the cities in order to get a share in this potential market.
Similar stories can be found all over the world, but because these networks are privately owned, and because they are often used by financial groups trying to find an edge on the stock market and eke out a few extra billions, you have to investigate hard to find them.
Software Defined Networking (SDN) Stack in the Windows Server 2016
Posted by Oksana Zybinskaya on
November 3, 2016
Windows Server 2016 enables building a Software-Defined Data Center (SDDC) with new layers of security and Azure-related approach for hosting business applications and infrastructure. The new Software Defined Network (SDN) Stack provides dynamic security and hybrid flexibility by enforcing network policy in the Hyper-V Virtual Switch using the Azure Virtual Filtering Platform (VFP) Switch Extension. Instead of programming network configurations into a physical switch, the new Microsoft Network Controller delivers the network policy to the Hyper-V Hosts using the OVSDB protocol and is programmed into the VFP extension of the vSwitch by a Host Agent which enforces the policy.
You got SDN, now what
Posted by Michael Ryom on
October 20, 2016
It has three years since VMware announced and showcased NSX to the world. Since then everyone and then some has announced their version of SDN. You have players such a Cisco, Cumulus Networks and of course VMware in this space. All doing SDN in their own unique way. Cisco being the biggest network player of course wants to move hardware to your datacenter. Therefore, their way to SDN is to buy new boxes. Another player is Cumulus Networks, again theirs another focus. Here the OS is king. Build on open source components Cumulus Networks deliver the OS for SDN, which run on any white box. If you do not want to build your own white box networks based on Cumulus Networks many vendors have, join Cumulus Networks. Vendors such as HPE, Dell and Supermicro amongst others are selling switches, which comes with Cumulus Networks OS baked in. Even Microsoft is entering the stage of SDN with Server 2016, though one could argue a bit late, but then better late than never.
Manage VM placement in Hyper-V cluster with VMM
Posted by Romain Serre on
September 23, 2016
The placement of the virtual machines in a Hyper-V cluster is an important step to ensure performance and high availability. To make a highly available application, usually a cluster is deployed spread across two or more virtual machines. In case of a Hyper-V node is crashing, the application must keep working.
But the VM placement concerns also its storage and its network. Let’s think about a storage solution where you have several LUNs (or Storage Spaces) according to a service level. Maybe you have a LUN with HDD in RAID 6 and another in RAID 1 with SSD. You don’t want that the VM which requires intensive IO was placed on HDD LUN.
Choosing ideal mini server for a home lab
Posted by Askar Kopbayev on
August 11, 2016
Yesterday I saw a blog post in Homelab subreddit discussing what Intel NUC to choose. I have spent quite some time recently to choose the right server for my homelab expansion and I have considered a lot of options.
I was also looking at Intel NUC as many other fellow IT professionals, but luckily last month I read on Tinkertry.com that Supermicro had just released new Mini-1U SuperServers – SYS-E300-8D and SYS-E200-8D. I had some discussions with my colleagues and other people on Reddit and TinkerTry and I came to the conclusion that if you are aimed to run home lab for virtualization Intel NUC shouldn’t be considered. I believe SuperMicro is a new king on the market of mini servers for home lab.
vSphere Replication traffic isolation
Posted by Askar Kopbayev on
July 27, 2016
vSphere Replication has proved to be a great bonus to any paid vSphere license. It is an amazing and simple tool that provides cheap and semi-automated Disaster Recovery solution. Another great use case for vSphere Replication is migration of virtual machines.
vSphere Replication 6.x came with plenty of new useful features:
- Network traffic compression to reduce replication time and bandwidth consumption
- Linux guest OS quiescing
- Increase in scalability – one VRA server can replicate up to 2000 virtual machines
- Replication Traffic isolation – that is what we are going to talk today.
The goal of traffic separation is to enhance network performance by ensuring the replication traffic does not impact other business critical traffic. This can be done either by using VDS Network Input Output Control to set limits or shares for outgoing or incoming replication traffic. Another benefit of traffic isolation addresses security concern of mixing sensitive replication traffic with other traffic types.
[Azure] Custom RBAC roles
Posted by Florent Appointaire on
June 2, 2016
From December 2015, Microsoft has given the possibility to create your own RBAC roles. I will show you today, how to do this. To start, connect via PowerShell to your Azure RM subscription:
Deploy MSI package to group of computers in your domain
Posted by Vladan Seget on
March 2, 2016
This is a follow up post on a post we have done previously – How To Convert EXE To MSI Package In 5 Easy Steps – where we created a MSI package for an application that did not exists as MSI, so we had no choice. We used third party software to repackage our application.
As you can see, repackaging of an application can be done, but not without third party tools. Anyway, so now we have this MSI and we want let’s say to deploy this application to a group of computers in a Microsoft domain.