Organizing vCenter

I have recently been asked what I thought was the best way to organize things in vCenter? I have personally used several different methods to organize virtual machines in different ways. I started to wonder how other VMware administrators were organizing their own environments and if there were any common methods to this. Let’s take a look at the different ways I have organized things in previous deployments.
The different methods that I have used to organize my environments have been mainly with the use of resource groups and folders. Each of these options is located in different views; resource groups are located in the host and clusters view and folders are located in the virtual machine and template view.
Starting with resource groups, I have built different groups in a few different ways in different clusters. Creating resource groups based on importance, such as high, med and low has been the most basic configuration that has been taught by VMware in the classroom and as examples when talking about resource groups. Resource group settings only take effect when contention happens on the host. If there is no contention, then these groups give you the ability to group virtual machines together based on operating system. I have used a “Windows” resource group as well as a “Linux” resource group to separate the different systems. This can also be used to separate teams and the virtual machines that each maintain, as well as having “high” and “low” groups for the most important and least important virtual machines. In other words, examples like the development or sales department virtual machines could be grouped in this manner. I have also created resource groups for VDI deployments, putting each VMware View pool in their own resource group limiting processor usage. I have also seen people create resource groups based on the type of application, but vSphere now gives the ability to use vApps to accomplish that type of configuration.
So, nothing too exciting with the resource groups, just a pretty straight forward configuration. Now, I have also organized Virtual Machines in the folders view. You can actually create different folders based on the application running on the virtual machine. One example would be to have all the exchange servers in one folder or to have all the virtual desktops organized in a folder and then create sub-folders by department. In one engagement, I actually created folders based on the virtual machine owner, so I would be able to determine who was responsible for each virtual machine if an issue arose. Moving forward, I started to use custom columns in vCenter for application owner and other information to be able to get in touch with that person. You can also create custom columns to turn the main virtual machine page into a main source of information about all of the virtual machines. Eventually these columns would have the same information that the server database would have and could replace the server database for any information about the virtual machines.
How do you organize your vCenter? Inquiring minds what to know!
by Howard Cathcart, Director of Enterprise Services October 25th, 2009

Are you Social Networking for success?

Over the last two years I have attended various events and presentations regarding “social networking”. I have read articles, had conversations and even presented on the topic. It has become clear to me that social networking is big and growing. People are either involved, getting involved or wondering if they should be involved.
And why not, it’s a great tool and easy to use. Right? Jump on line, sign up and search for people you know. Add friends to Facebook, “Link” people in, “follow” people on Twitter. Great…now what? You are all signed up, you check the site every day, and occasionally post something. You are “social networking”. Now we can just sit back and watch our business grow, or the job opportunities roll in, or our brand recognition increase, etc.
Unfortunately that isn’t how it works in most cases. Joining Linkedin.com, facebook.com, twitter.com, etc. are steps in the social networking process but are just the first steps. These are the tools that allow social networking to be effective. Now there needs to be a plan, a goal, a focused agenda for what you are trying to accomplish.
These goals may vary. Who is your target client? Are you selling retail or business to business? Is your responsibility marketing, PR or sales? Is your goal long term branding or are you trying to generate leads for today? These questions and more are going to be important in understanding which tool is best for you and leveraging that tool for results.
I was initially an offender. I am on facebook, twitter, linkedin and a few other less main stream sites. I started on facebook and linkedin 3 years ago. Up until 6 months ago, these sites have had little to no positive impact on my ability to drive business for ACS Services. This wasn’t the websites short comings, but my own. I spread myself too thin. I didn’t use these tools with a goal in mind. I was on the sites every day but had no understanding of why I was on the site, what I was looking for or how to best leverage them.
After researching, trial & error, speaking with others and asking myself some of the above questions, I determined that Linkedin was best suited for me. ACS Services sells outsourced IT services to small to mid-sized businesses in the Boston area. This is a very specific and target marketed. Linkedin allows me to search candidates in the area and see if I have any contacts that are connected to them. This is great for referrals or to make a cold call a warm prospect. It has also allowed me to be strategic and efficient about finding good networking partners through Linkedin’s Groups. Unfortunately the use of this site effectively is a whole other blog.
I leave you with this thought. If you are currently “social networking”, think about how you are using these sites. Are you getting what you want from them? Do you have a goal in mind when using the sites? Ask other people how they utilize the different sites. I think we will all find that we are “leaving money on the table.” If you have any questions please feel free to email me at vverducci@acs.com and good luck with your social networking.
-Vincent Verducci, Director of Business Development

Antivirus is Not Enough with Today’s Hostile Internet Environment

At this point, everyone pretty much realizes that every system needs Antivirus in order to stay protected. Those that didn’t want to spend the money or computer resources have already been burned and now see it as a necessary expense. Now, most individual users as well as companies are doing a good job at budgeting for this expense every year. So with the hundreds to thousands of dollars spent for this each year, the question remains: why are my systems still getting infected?

As necessary as antivirus is these days, it’s simply not enough. It’s never been a perfect solution but has always been good enough to protect from the majority of the scripts created by the pimply faced kid in his parents’ basement. As time goes on, more is at stake. No longer is a virus simply a way to ruin someone’s day, or steal a piece of information, or even destroy a system. No, the virus of today is just another method of marketing (pop-ups), bumping a webpage’s stats in search engines (homepage hijacking), selling a product (rouge antivirus/antispyware ), assisting with an emailing campaign (spam bot), a form of activism (DDoS attacks), stealing your identity (backdoor Trojan), another place to store information (mIRC, FTP bot), or make a name for one’s self by spreading as much and as fast as possible (worm). Because there is more on the line, there are more resources on the side of evil than good.

So what can you do?

Well, all the major antivirus players seem to be doing two things. First, they are beefing up their antivirus programs to try to stop this. The side effect to this is an antivirus software that is now taking up 60% of your computer resources and creating little add-ins that require you to do more manual maintenance. From what I have seen, this is not really effective. All it’s doing is slowing you down. If this was effective, then my laptop with 4 gig of ram, 2.4ghz processor, and a 100gb 7200 rpm hard drive that is bogged down with Symantec Endpoint 11 would not have just gotten the WinAntivirus 2010 virus from the spoofed UPS email I just opened. Or my desktop with 3gig of ram, 3ghz processor, 500gb 7200prm hard drive bogged down with McAfee would not have just downloaded a Russian speaking virus from my friends Facebook profile. Trust me, by the numerous issues per day ACS works on I know I am not alone. Yes, my antivirus was up to date, my Network threat protection was enabled, Tamper protection was enabled, the internet was marked as an untrusted zone, and I even verified that the firewall component was enabled. More features just bog me down, make it confusing, and leave more room for misconfiguration.

These companies are also releasing different methods of protection. Most have been around for a while, but now are starting to get serious attention and are becoming more effective. It is very important to choose the right solution for your infrastructure and as your IT provider what’s best for your situation.

So what are some of these methods:
The correct firewall – you can spend fifty or five thousand dollars. The correct one depends on your setup and need. The biggest mistake is most people make a decision based on price, and many firewalls I have seen implemented are doing more harm than good. Make sure you weigh all the factors before making a decision.
Content filtering – while not a viable option for all companies this is usually a very effective way to protect your network. By using an effective content filter you can not only protect yourself from malicious programs, you can also protect your business from losing time/money due to employees goofing off.
Gateway Antivirus protection – Just one more way to filter your traffic, but at it’s source. By adding this to your arsenal, you are removing viruses before they hit your machines.
Managed Anti-spam protection – Spam is a growing problem, but in addition to just wasting time deleting junk it’s also a way to get malicious programs. A Managed Anti-Spam solution can eliminate the junk mail while saving your machines.
Deep Packet Inspection – A powerful method for filtering traffic. DPI acts almost like a customizable antivirus/content filter. This is not meant to replace these functions but instead to add to them. DPI will scan for a pattern within a packet rather than the file itself like an antivirus solution will. DPI signatures were more effective in preventing the Conficker virus than the antivirus programs themselves when it first released.
Managed antispyware protection – Antispyware is best to work in conjunction with antivirus software. A managed solution will ensure that your systems are fully updated and have the appropriate settings for your environment. While antivirus is necessary for preventing viruses they usually lack the protection of those pop-up campaigns, and rouge antivirus/spyware programs.
Managed Antivirus protection – While antivirus has been the topic here, it still is necessary, and by having the appropriate managed solution you increase the effectiveness.

Brian Kingsley – Director of Technical Services

Next Page »