vGarethLewis

Page 3 of 10

March 23, 2021March 24, 2021

Replacing the VMware NSX-T Self-Signed SSL Certificate

Reading Time: 4 minutes

Out of the box, NSX-T Data Center utilises self-signed certificates for its cluster and manager nodes; however, it is recommended that you replace the self-signed certificates with CA-signed certificates to improve security.

In this article, we step through creating a certificate signing request and private key, generating a signed certificate in conjunction with your Certificate Authority, and finally applying the new certificate to your NSX-T cluster and manager nodes.

Continue reading → Replacing the VMware NSX-T Self-Signed SSL Certificate

January 28, 2021January 28, 2021

VMware NSX-T Data Center 3.1.1 Released

Reading Time: 3 minutes

On Wednesday 27th January 2021, VMware NSX-T Data Center 3.1.1 was released, offering various new features, all of which offer new functionalities for virtualized networking and security for private, public, and multi-cloud environments.

One of the highlighted features is the much-anticipated support for OSPF!

Continue reading → VMware NSX-T Data Center 3.1.1 Released

January 6, 2021January 7, 2021

Veeam Backup & Replication – Part 2 – Recovery From Failover

Reading Time: 9 minutes

In my previous post (Veeam Backup & Replication – Part 1 – Building Replication Capabilities), we discussed offsite replication jobs using Veeam Backup & Replication v10. As per the Customer’s use case, we created a replication job to ensure a business-critical VM is replicated to a secondary site (Site B) in readiness for any unforeseen failures, planned maintenance, or downtime at the primary site (Site A).

This article discusses the failover and failback options available to us utilising Veeam Backup & Replication and, more importantly, when and where they should be used. We will then demo the failover process of our protected business-critical VM from Site A to Site B, and close by failing back live operations from Site B to Site A.

Continue reading → Veeam Backup & Replication – Part 2 – Recovery From Failover

December 29, 2020January 10, 2021

Veeam Backup & Replication – Part 1 – Building Replication Capabilities

Reading Time: 7 minutes

Just like the time I witnessed my first ever vMotion, seeing Veeam replication in the wild had a similar effect. As its name suggests, Veeam Backup & Replication is about more than just backups and offers customers rather neat replication functionality.

This article discusses Veeam Backup & Replication v10 offsite replication jobs. We also protect a business-critical virtual machine by replicating it to a secondary site. In Part 2 (Veeam Backup & Replication – Part 2 – Recovery From Failover), we will migrate the VM’s live operations to the secondary site before reviewing the available failback options.

Continue reading → Veeam Backup & Replication – Part 1 – Building Replication Capabilities

BANNER-vGareth Lewis-VMware-vRealize-Network-Insight-vRNI-On-Prem-Install-and-Configure

December 23, 2020December 24, 2020

VMware vRealize Network Insight (vRNI) – Part 6 – Importing Recommended Firewall Rules into NSX-T via Python Script

Reading Time: 5 minutes

As the holiday season is almost upon us (just two days), why not finish with one final article in my vRNI series and an article that will likely finalise my blog posts for the year.

In my previous article (VMware vRealize Network Insight (vRNI) – Part 5 – Data Flow Analysis & Micro-Segmentation), we analysed collected data flows in vRNI to manually micro-segment an application utilising the VMware NSX-T Distributed Firewall (DFW). However, what if we want to automate this process? After all, applications that require a small number of firewall rules (such as the application used in the previous article) are rare.

This article looks at Martijn Smit‘s great script, which imports vRNI recommended firewall rules into VMware NSX-T Data Center via a Python script.

Continue reading → VMware vRealize Network Insight (vRNI) – Part 6 – Importing Recommended Firewall Rules into NSX-T via Python Script

December 8, 2020December 23, 2020

VMware vRealize Network Insight (vRNI) – Part 5 – Data Flow Analysis & Micro-Segmentation

Reading Time: 6 minutes

In the previous articles of this series, we covered the installation (VMware vRealize Network Insight (vRNI) – Part 1 – Installation) and configuration (VMware vRealize Network Insight (vRNI) – Part 2 – Configuration) of vRealize Network Insight, before integrating vRNI with Microsoft Active Directory via LDAP (VMware vRealize Network Insight (vRNI) – Part 3 – Identity & Access Management via LDAP).

In the most recent article (VMware vRealize Network Insight (vRNI) – Part 4 – Application Discovery), we delved into application discovery. We defined four applications via several options – manual creation of an application, as well as automated discovery based on vSphere Tags/Custom Attributes and VM naming conventions.

In this final article of the series, we will explore and analyse the collected data flows of one of the previously defined applications. The goal here is to identify all valid traffic flows required to secure the application utilising the NSX-T Distributed Firewall (DFW). My friends, today we look at micro-segmentation.

Continue reading → VMware vRealize Network Insight (vRNI) – Part 5 – Data Flow Analysis & Micro-Segmentation

December 7, 2020December 23, 2020

VMware vRealize Network Insight (vRNI) – Part 4 – Application Discovery

Reading Time: 9 minutes

In the previous articles in this series, we covered the installation (VMware vRealize Network Insight (vRNI) – Part 1 – Installation) and configuration (VMware vRealize Network Insight (vRNI) – Part 2 – Configuration) of vRealize Network Insight, before integrating vRNI with Microsoft Active Directory via LDAP (VMware vRealize Network Insight (vRNI) – Part 3 – Identity & Access Management via LDAP).

In this article, we will dive a little deeper and begin looking at how we can define our applications and, in Part 5 (VMware vRealize Network Insight (vRNI) – Part 5 – Data Flow Analysis & Micro-Segmentation), begin analysing the collected data flows to implement micro-segmentation via the NSX-T Distributed Firewall.

Continue reading → VMware vRealize Network Insight (vRNI) – Part 4 – Application Discovery

December 3, 2020December 9, 2020

Veeam Certified Engineer (VMCE)

Reading Time: 4 minutes

This one has been a long-time coming. I’ve been using Veeam Backup & Replication and Veeam ONE since 2014 and, in anger, since v8.0. I’ve designed, deployed, and managed Veeam solutions; however, I’ve never gotten around to obtaining any Veeam certifications.

If you’ve ever met me in person, I’ve likely told you how much I love the Veeam Availability Suite and how cool it is that Veeam keeps cramming-in so many awesome features with every release. Despite so many great features, Veeam still retains the ability to keep things simple, and I’m a fan of keeping things simple.

Continue reading → Veeam Certified Engineer (VMCE)

November 21, 2020November 21, 2020

VMware vExpert 2021 Applications are Open!

Reading Time: 4 minutes

Don’t miss out on the opportunity, be sure to apply before January 9th, 2021. The vExpert awards will be announced on February 19th, be a part of the announcement!

What is the vExpert Program?

The vExpert Program is simply about giving back to the community beyond your day job. It isn’t a certification, and it isn’t focused on certifications, and neither does it relate to how much you know about VMware technology.

Continue reading → VMware vExpert 2021 Applications are Open!

November 14, 2020November 23, 2020

Replace SSL Certificates on VMware vRealize Log Insight

Reading Time: 3 minutes

Replacing the self-signed SSL certificate utilised by vRealize Log Insight (vRLI) requires a little extra touch than some appliances within the product stack; however, the process is simple enough and documented within this article.

Continue reading → Replace SSL Certificates on VMware vRealize Log Insight