VMworld is only a little over 2 weeks away as of this post! vBrainstorm will have 3 of our bloggers there and we want to make sure you know how to connect up with us. All of us are active on Twitter so I will list our Twitter accounts below. I will be doing some live broadcasts on Periscope so follow me there (rolltidega) to make sure you don’t miss out on anything. Finally look for us in our customized VMworld 2015 polos that are being provided by some sponsors (blog posts forthcoming). Our Twitter handles and web site will be on the back of each shirt so if you have never met us do not hesitate to come up and say hello! We want to meet you! Thanks and we hope to see you there!
All posts by Shawn Cannon
Have you always wanted to attend VMworld but could not afford the conference fee? I have good news for you! Veeam is sponsoring a blogger contest for a chance to win a full VMworld conference pass as well as a FastPass to Veeam’s epic party at VMworld! If you have never attended a Veeam party you have been missing out! Here is what you have to do for a chance to win. Leave a comment below telling your best story of why you should win the full conference pass! It’s that easy! The winner will be selected and announced by Veeam on July 30. So what are you waiting for? Comment away!!
Extra chance: Also, Veeam will be giving away one more full conference pass to a random user who’ll answer three questions correctly at http://go.veeam.com/play-veeam-trivia.html
Here at vBrainstorm we enjoy reporting news about the vendors in the IT space. Tegile Systems is one of the Solid State storage vendors that we follow. A press release was published today naming Tegile as a visionary in Gartner’s Magic Quadrant for Solid-State Arrays. Kudos to you Tegile! The press release is below.
Tegile Systems Positioned Among the ‘Visionaries’ of Gartner’s Magic Quadrant for Solid-State Arrays Acknowledgement from Gartner makes Tegile the only upstart storage company to be in all-flash and general-purpose Magic Quadrants
Newark, Calif., June 23, 2015 – Tegile Systems, the leading provider of flash-driven storage arrays for databases, virtualized server and virtual desktop environments, today announced that it has been positioned by Gartner Inc. in the “Visionaries” quadrant of the “Magic Quadrant for Solid-State Arrays”* report (http://pages.tegile.com/Q3_2015_Report_Gartner_Quadrant_Gartner_Magic_Quadrant_Tegile.html). Tegile is the only upstart storage company to be named among the Visionaries in this and Gartner’s 2014 “Magic Quadrant for General-Purpose Disk Arrays” reports.
The Magic Quadrant for Solid-State Arrays represents vendors that sell into the enterprise end-user market with specific branded SSAs. Each vendor in the Magic Quadrant is evaluated based on its ability to execute (product/service, overall visibility, sales executive/pricing, market responsiveness/record, marketing execution, customer experience and operations) and its completeness of vision (market understanding, marketing strategy, sales strategy, offering (product) strategy, business model, vertical/industry strategy, innovation and geographic strategy).
Gartner recognized Tegile as a Visionary for the following reasons:
- A comprehensive portfolio of Intelligent Flash Arrays, which leverages the same hardware, software and management GUIs for all its storage arrays
- Broad block and file protocol, which makes Tegile one of the few unified SSA offerings
- Selectable data reduction, and detailed instrumentation and data reduction reporting on a storage pool and LUN level
“We are pleased to once again be recognized by Gartner analysts among the ‘Visionaries’ in their well-respected Magic Quadrant reports,” said Rob Commins, vice president of marketing at Tegile. “Whether it is an all-flash array for Tier-1 workloads or a hybrid array that provides the performance of flash at the price of disk, Tegile has shown time and time again its ability to deliver innovative products that address operationally or financially important end-user problems at a broad scale to warrant our inclusion on Gartner’s Magic Quadrant.”
Tegile All-Flash Arrays make it easy and affordable to transition to a flash-centric data center. By delivering maximum performance, high density and compelling economics, the T-Series is ideal for latency-sensitive, business-critical workloads such as online transaction processing, real-time analytics, decision support and data warehousing. The T-Series portfolio enables users to start small and scale in capacity as their business grows. Organizations can start with the T3600 or T3700 to deliver a turbo-boost to legacy storage while deferring equipment replacement before moving up to the T3800 when density and capacity requirements grow.
About Tegile Systems
Tegile Systems is pioneering a new generation of intelligent flash arrays that balance performance, capacity, features and price for virtual desktop and database applications. With Tegile’s line of all-flash and hybrid storage arrays, the company is redefining the traditional approach to storage by providing a family of arrays that accelerate business critical enterprise applications and allow customers to significantly consolidate mixed workloads in virtualized environments.
Tegile’s patented IntelliFlash™ technology accelerates performance and enables inline deduplication and compression of data so each array has a usable capacity far greater than its raw capacity. Tegile’s award-winning solutions enable customers to better address the requirements of virtualization, virtual desktop integration and database integration than any other offerings. Featuring both NAS and SAN connectivity, Tegile arrays are easy-to-use, fully redundant and highly scalable. They come complete with built-in snapshot, remote-replication, near-instant recovery, onsite or offsite failover, and VM-aware features. Additional information is available at www.tegile.com. Follow Tegile on Twitter @tegile.
VMworld 2015 is right around the corner in San Francisco and vBrainstorm.com will be there as an official blogger of VMworld! What can you expect? All the announcements made at the keynotes will be reported and summarized here. We will be meeting with some of the vendors to report on their products. These reports will be blog posts as well as videos. We will also use Periscope for some live video reports so make sure you check us out there. It should be a great week of virtual goodness and fun so stay tuned!
Shawn Cannon – vBrainstorm Blogger
Looks like VMware has made the 6.0 version of their vSphere and related product lines available today. Here are the links to download. Note: These links require a My VMware account that is licensed for these products.
VMware vCloud Suite 6.0 (You can get ESXi 6.0, vCenter Server 6.0, vSphere Replication 6.0, vSphere Data Protection 6.0, vCenter Site Recovery Manager 6.0, vRealize Orchestrator Appliance 6.0.1 and vRealize Operations Manager 6.0.1 from this link. Virtual SAN is included with ESXi and vCenter Server downloads)
Short and simple right?
This is from the VMware Site.
VMware Announces General Availability of vSphere 6
Today, we are excited to announce the general availability of VMware vSphere 6 along with a slew of other Software-Defined Data Center (SDDC) products including VMware Integrated OpenStack, VMware Virtual SAN 6, VMware vSphere Virtual Volumes, VMware vCloud Suite 6, and VMware vSphere with Operations Management 6.
vSphere 6 is the latest release of the industry-leading virtualization platform and serves as the foundation of the SDDC. This is the largest ever release of vSphere and is the first major release of the flagship product in over three years. vSphere 6 is jammed pack with features and innovations that enable users to virtualize any application, including both scale-up and scale-out applications, with confidence. New capabilities include increased scale and performance, breakthrough industry-first availability, storage efficiencies for virtual machines, and simplified management at scale. For more details on the blockbuster features please refer to the vSphere 6 announcement.
If you are interested in learning more about vSphere 6, there are several options:
- Read more about vSphere 6 at the products pages
- Experience vSphere 6 with our free 60-day evaluation
- Take one of the new instructor-lead vSphere 6 courses that are now available:
- VMware vSphere: What’s New[V5.5 to V6] explores the newest features and enhancements in VMware vSphere 6 including VMware vCenter Server 6.
- VMware vSphere: Install, Configure, Manage [V6] intensive hands-on training that focuses on installing, configuring, and managing VMware vSphere 6.
- VMware vSphere: Optimize and Scale [V6] teaches advanced skills for configuring and maintaining a highly available and scalable virtual infrastructure.
For those of you in fields where regulatory requirements are important then this news from HyTrust is for you. They have entered the process to be validated for FIPS 140-2. A press release was released yesterday, March 11 2015. The contents of this press release is below.
MOUNTAIN VIEW, Calif.–(BUSINESS WIRE)–HyTrust Inc., the Cloud Security Automation Company, today announced that the HyTrust KeyControl®Cryptographic Module has entered the validation process for FIPS 140-2 compliance. By adding FIPS 140-2 validation, HyTrust will continue to strengthen support for critical regulatory mandates such as PCI, HIPAA, and FedRAMP, offering a significant competitive advantage in an environment where data security compliance requirements are being updated and enforced across the board.
“The HyTrust engineering team has extensive experience in building FIPS 140-2 compliant encryption systems. We have a deep understanding of the complexities involved in both the security requirements for cryptographic modules and the validation process,” said Hemma Prafullchandra, CTO and senior vice president of Products at HyTrust. “That’s why we can assure our customers that there will be a seamless upgrade path from current HyTrust DataControl deployments to the FIPS-validated version.”
FIPS 140-2 and the validation process involved represent an established standard from the National Institute of Standards and Technology (NIST). It exists specifically to validate that a cryptographic module creates and handles encryption keys in a secure manner. The validation serves to assure users that the technology has passed rigorous testing by an accredited third-party lab, in accordance with NIST’s Cryptographic Module Validation Program. Since its inception, FIPS 140-2 has been considered the defining benchmark for securely engineered encryption in a range of critical areas, from the defense sector to financial services and other sensitive vertical industries.
HyTrust KeyControl® is a hardened software appliance that can be easily deployed on physical or virtual servers. Working in tandem with the HyTrust DataControl® encryption engine, KeyControl provides automated and centrally managed control over all encryption and key management policies. The Cryptographic Module is a subset of HyTrust KeyControl, representing the core software elements that generate and manage cryptographic keys. HyTrust KeyControl uses the module to generate and protect keys, enabling the rest of the solution to confidently store and distribute those protected keys.
About HyTrust (www.hytrust.com)
HyTrust is the Cloud Security Automation Company. Its mission is to secure the next generation datacenter by automating data protection and continuously enforcing security policies for the people and tools that operate private, hybrid and public clouds. HyTrust software helps enterprises increase system availability, reduce the risk of compromise, and ensure compliance to industry standards. With HyTrust, organizations gain the control, visibility and security necessary for a trustworthy cloud.
The Company is backed by strategic investors VMware, Cisco, Intel, In-Q-Tel, Fortinet, and venture capital investors Granite Ventures, Trident Capital,Epic Ventures and Vanedge Capital; its technology and go-to-market partners include VMware; VCE; Symantec; CA; McAfee; Splunk; HP Arcsight;Accuvant; RSA and Intel.
HyTrust; HyTrust, Inc.; HyTrust CloudControl (HTCC); HyTrust DataControl (HTDC); HyTrust DataControl: VM Edition; HyTrust DataControl: Virtual Storage Edition; HyTrust DataControl: AWS Edition; HyTrust KeyControl (HTKC); HyTrust Appliance; HyTrust Appliance Community Edition; HyTrust Cloud Control; HighCloud; HighCloud DSM; HighCloud VMV; HighCloud Key and Policy Server; “Virtualization Under Control”; “Cloud Under Control” and “Virtualization & Cloud Under Control” are all trademarks of HyTrust, Inc. All other names and trademarks are property of their respective firms.
Recently at my day job we had some new storage allocated at our recovery site to use for vSphere storage. I was tasked with decommissioning the old datastores. The problem is that my replicated VMs resided on the old storage. Of course I could go into my vSphere replication settings on each VM and just point it to the new datastores and be done with it. That would have taken quite some time to do since the VMs would have to fully replicate again. I wanted to find an easy way to copy the replicated VMs from the old datastores to the new datastores. So I did some Internet searches and found the following blog post: Copy Files Between Datastores – PowerCLI. Dan Hayward posted a useful PowerCLI script that he used to copy ISO files from one datastore to another. I basically adapted this script and changed it to move a VM from an old datastore to another. I could have scripted it and passed in the variables from a CSV file but I wanted to update the vSphere Replication settings one VM at a time. So here is what my script looked like:
#Set’s Old Datastore
$oldds = get-datastore “OldDatastore”
#Set’s New Datastore
$newds = get-datastore “NewDatastore”
#Set’s VM Folder Location
$VMloc = “VMName”
new-psdrive -Location $oldds -Name olddrive -PSProvider VimDatastore -Root “\”
new-psdrive -Location $newds -Name newdrive -PSProvider VimDatastore -Root “\”
#Copies Files from Old to New
copy-datastoreitem -recurse -force -item olddrive:\$VMloc\$VMloc*.vmdk newdrive:\$VMloc\
Basically the script connects you to your vCenter server, sets the old and new datastore variables, sets the VM Folder name and then does the magic to map the datastores and copy the VMDK files from the old to the new. Having the VMDK files copied over to the new datastores allowed me to use these as my replication seed for each drive when I reconfigured replication settings for the VM. I just updated this file for each VM that I needed to copy to the new datastores.
Obviously this could have been automated even more as I had to do this for over 120 VMs but I am not a scripting expert. I am just thankful for a great blog post from Dan Hayward to help me out! Thanks Dan!
VMware has announced the first round of vExperts for 2015 and I am please to report that myself and Roger of vBrainstorm.com have made the list once again! This is my 3rd year in a row being selected so the picture above reflects that. Here is the announcement from VMware as well as a link it.
First we would like to say thank you to everyone who applied for the 2015 vExpert program.
I’m pleased to announce the list 2015 vExperts. Each of these vExperts have demonstrated significant contributions to the community and a willingness to share their expertise with others. Contributing is not always blogging or Twitter as there are many public speakers, book authors, script writers, VMUG leaders, VMTN community moderators and internal champions among this group.
I want to personally thank everyone who applied and point out that a “vExpert” is not a technical certification or even a general measure of VMware expertise. The judges selected people who were particularly engaged with their community and who had developed a substantial personal platform of influence in those communities. There were a lot of very smart, very accomplished people, even VCDXs, that weren’t named as vExpert this year.
If you feel like you were not selected in error, that’s entirely possible. The judges may have overlooked or misinterpreted what you wrote in your application. Email us at [email protected] and we can discuss your situation. We looked at all of the 2014 activities to determine the voting results.
We will open the second half 2015 applications soon which will only allow for two voting periods this year rather then the three we had last year.
If you were selected as a vExpert 2015, we will be conducting the on-boarding throughout the next few weeks so hold tight and expect future communication from us soon. You must successfully be enrolled in our private vExpert community to be listed in the vExpert directory and to be alerted to opportunities like the beta programs and complimentary licenses that we offer to vExperts. We will provide instructions to gain access to the private forum and the vExpert directory in the next communication via email. We will use the email address provided in your vExpert application.
Congratulations to all the vExperts, new and returning. We’re looking forward to working with you. Command + F away and find your name if you can’t wait for the welcome email
and the VMware Social Media & Community Team
I wanted to share this information from the VMware Security and Compliance Blog. The bottom line is that no VMware products at this time have been found that are vulnerable to the glibc gethostbyname* buffer overflow (CVE-2015-0235). The quoted blog post is below as well as a link to the post itself.
This Tuesday a buffer overflow in the gethostbyname family of functions (“gethostbyname*”) in the widely used glibc library (CVE-2015-0235) was disclosed. As soon as we became aware of this vulnerability we began investigating. We regarded it as a significant vulnerabiliy since theoriginal advisory detailed remote code execution in the Exim mail server.
We quickly realized that exploitability of this vulnerability depends on where and how the vulnerable function is invoked. In particular, if an attacker cannot control the arguments passed to the gethostbyname* functions, then the overflow cannot be triggered. Suffice it to say, the applicability of this vulnerability to the Exim mail server, cannot be generalized to all software using glibc, or even to all invocations of gethostbyname*.
We have been reviewing the use of glibc and gethostbyname* in our products. Based on our current analysis, we have not identified any VMware product that is affected by this issue. Many of our products do use a vulnerable version of the glibc library, but we have not found a way to pass untrusted input to gethostbyname*. Our KB on this issue is published here.
We take the security of customers extremely seriously. Even though no VMware product has been found to be exploitable using this issue, we will update the glibc library in normal upcoming maintenance releases.
VMware released security advisory VMSA-2015-0001 on January 27 2015. A link to the advisory can be found here. An overview of the items that this advisory addresses is shown below.
- VMware ESXi, Workstation, Player, and Fusion host privilege escalation vulnerability
VMware ESXi, Workstation, Player and Fusion contain an arbitrary file write issue. Exploitation this issue may allow for privilege escalation on the host.The vulnerability does not allow for privilege escalation from the guest Operating System to the host or vice-versa. This means that host memory can not be manipulated from the Guest Operating
- VMware Workstation, Player, and Fusion Denial of Service vulnerability
VMware Workstation, Player, and Fusion contain an input validation issue in the Host Guest File System (HGFS). This issue may allow for a Denial of Service of the Guest Operating system.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-1043 to this issue.
- VMware ESXi, Workstation, and Player Denial of Service vulnerability
VMware ESXi, Workstation, and Player contain an input validation issue in VMware Authorization process (vmware-authd). This issue may allow for a Denial of Service of the host. On VMware ESXi and on Workstation running on Linux the Denial of Service would be partial.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2015-1044 to this issue.
- Update to VMware vCenter Server and ESXi for OpenSSL 1.0.1 and 0.9.8 package
The OpenSSL library is updated to version 1.0.1j or 0.9.8zc to resolve multiple security issues.The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-3513, CVE-2014-3567, CVE-2014-3566 (“POODLE”) and CVE-2014-3568 to these issues.
- Update to ESXi libxml2 package
The libxml2 library is updated to version libxml2-2.7.6-17 to resolve a security issue.The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2014-3660 to this issue.