North East England VMUG – 26th September 2019

The next North East England VMUG will be taking place on Thursday 26th September at the Royal Station Hotel, Newcastle, and I’m excited to be presenting alongside so many fantastic individuals from throughout the vCommunity.

My session will be covering VMware NSX Data Centre for vSphere (NSX-V) and, more specifically, a real-world look at micro-segmentation and the implementation of a zero-trust environment. NSX makes this fairly easy thanks to a number of built-in tools, and we’ll explore how we can use the NSX Application Rule Manager to visualise application dependencies in order to start fleshing out our Distributed Firewall rules.

VMware vCenter Server Appliance – Reset Lost, Forgotten or Expired Root Password

Patching my lab’s vCenter Server Appliance this evening raised an issue whereby the root password had expired. Unable to log in via root, I can still administer the appliance via a vCenter SSO domain account (administrator@vsphere.local, for instance); however, attempts to perform any updates will not be possible until the appliance’s root account password is reset. This is an easy exercise; however, it is not possible via the vSphere UI or console, only bash.

VMware NSX Data Center for vSphere (NSX-V) – Dynamic Routing via OSPF

VMware NSX Data Center for vSphere (NSX-V) has been able to leverage dynamic routing via Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP) for some time and, in this article, I detail the process of configuring OSPF on both an Edge Services Gateway (ESG) and a downstream Distributed Logical Router (DLR).

OSPF, a Link State Protocol and member of the Interior Gateway Protocol (IGP) family (which also includes Routing Information Protocol (RIP), Intermediate System to Intermediate System (IS-IS), and Enhanced Interior Gateway Routing Protocol (EIGRP)), enables all participating routers to dynamically exchange network topology information to calculate the best, shortest path (by cost) to a route’s destination.

VMware vExpert 2019 – Second-Half Applications Now Open

Twice each year VMware’s vExpert program opens its doors to applications throughout the IT and tech community. That second door opened just recently on June 7th 2019. The vExpert community is a group of like-minded enthusiasts, bloggers, book authors, VMUG leaders, speakers, tool builders, and community leaders.

If you are already busy in the community and are contributing in some way, this will without doubt open doors for you, give you priority access to VMware information and, of course, there are the usual vExpert licensing benefits. This has opened a huge number of doors for me over the past two years, and has been a key driver in forming a number of fantastic relationships and creating some amazing opportunities. In my eyes, the VMware community in general is the most amazing community out there. Full of amazing, knowledgeable people, so why not join in?

Integrating VMware Horizon with Azure Multi-Factor Authentication Server

If you are already consuming Microsoft Office 365, then you will undoubtedly (to some level) be utilising Azure Active Directory. Azure AD comes with an array of tools, some of which aren’t confined to public cloud; some can even aid and strengthen your on-premises applications. One such tool is the Azure Multi-Factor Authentication Server, an on-premises 2-factor authentication mechanism which can integrate with on-prem VMware Horizon environments.

The Azure MFA Server enables us to further enhance the security of numerous applications capable of integrating with 2FA, and VMware Horizon has been able to integrate with such solutions for some time. This additional level of security is a much sought-after function which serves to further secure public access to internal desktop pools.

VMware NSX-T 2.4 – ‘A Landmark Release’

Today saw the release of VMware NSX-T 2.4, the latest and greatest, lauded as a ‘landmark release’ for the product.

Since its initial release in February 2017, NSX-T has focused on addressing organisational requirements to support cloud-native applications, bare metal workloads, multi-hypervisor environments, and public clouds. With the release of NSX-T 2.4, we can now add multi-clouds to the list.

NSX-T delivers security to diverse endpoints such as VMs, containers, and bare metal, as well as a range of cloud platforms and cloud native projects including Kubernetes, VMware PKS, Pivotal Application Service (PAS), and Red Hat OpenShift.

With NSX-T 2.4, VMware are able to deliver further advancements in networking, security, automation, and an ‘operational simplicity for everyone’. This includes IT admins, DevOps teams, and developers. As such, NSX-T is an enabler for customers embracing cloud-native application development, expanding use of public cloud, and those who require automation to drive agility.

South West UK VMUG – 20th March 2019

The first South West UK VMUG will be taking place on Wednesday 20th March 2019 at the Bristol and Bath Science Park, an event which also marks my first time presenting at a VMUG. No pressure, but I will be following a session by fellow vExpert, Chris Lewis (no relation).

My session will be covering VMware NSX Data Centre for vSphere (NSX-V) and, more specifically, the reality of managing a zero-trust environment for true micro-segmentation of services. NSX itself makes this fairly easy thanks to a number of tools (Application Rule Manager being just one), however, there are always a number of human variables which need to be acknowledged and identified along the way.

VMware NSX Data Center for vSphere 6.4.4 Released

In what was a slightly quiet announcement, VMware NSX Data Center for vSphere 6.4.4 was released just two days ago on Thursday 13th December 2018. I’m unsure as to why this was such a hushed release, as there are a number of cool items to shout about.

Other than the usual resolved issues, 6.4.4 has had a much-awaited functionality update. Specifically, we are now able to manage Logical Switches, perform Edge Appliance management, Edge Services (DHCP, NAT), Edge Certificates, and Edge Grouping Objects, all from the HTML 5 vSphere Client. Until 6.4.4, these features were only available via the legacy Flex vSphere Web Client, forcing NSX administrators to jump between the two different consoles.

VMware NSX Data Centre – Application Rule Manager

With the release of VMware NSX 6.3.0 back in February 2017, we saw the introduction of the Application Rule Manager (ARM). The Application Rule Manager allows us to a) simplify the process of creating grouping objects and distributed firewall rules for the micro-segmentation of existing workloads, and b) deploy applications within a zero-trust environment with greater speed and efficiency.

VMware NSX Edge Load Balancers: Part 2 – In-Line/Transparent Mode

In Part 1 we looked at the deployment of the NSX Edge load balancer in One-Armed/Proxy mode. As detailed, this flavour of NSX Edge load balancer requires nothing from its back-end server pool members, and enables us to quickly and easily add a load balancer to an existing network segment which houses a number of proposed back-end servers.

In-Line/Transparent Mode

In this second post we take a look at the alternative load balancer mode – In-Line/Transparent mode. First of all, unlike the One-Armed/Proxy mode, In-Line load balancers require two logical interfaces (LIFs); one Uplink LIF (connected to either a DLR or upstream Edge) and one Internal LIF. The Internal LIF is directly connected to the network segment housing the back-end servers requiring load-balancing. In addition to this (and unlike the One-Armed/Proxy load balancer), In-Line load balancers are required to act as the default gateway for all back-end servers.