Bitdefender – True Agentless protection

June 13, 2017 Kim Bottu 0

Last week I was in London at the InfoSecurity convention having a look what is happening in the security world. If you have never attended InfoSecurity, it is a free event where most of the presentations are a bit loaded on the marketing side.  Of course there are always exceptions. The 2-hour workshops are truly gems. At least the workshops which I did attend to. What if you could protect VM’s without agents or without any other piece of installed software? The workshop which really caught my attention was the workshop presented by Andrei IONESCU and Adrian Liviu ARSENE who are both employed by Bitdefender: ‘Data Center Security – HYPERVISOR INTROSPECTION’. Starting with explaining how external and internal threats are evolving they quickly moved on to explain how their […]

The Host Virtual MAC Address Riddle

September 5, 2016 Bilal Ahmed 0

For ages I have been pondering over ‘something’ which seems very trivial and the fact I can’t get any solid info on it is driving me nuts: Why does every pNIC also have a virtual MAC address? So here with have the VMkernel ports, a VSS and pNICS: Just as you would expect, every physical NIC (pNIC) on a host has a MAC address. BUT when you type ‘esxcfg-info -n‘ in the shell, you will notice that every vmnic also has a Virtual MAC Address!   \==+Physical Nic : |—-Name…………………………………………..vmnic3 |—-PCI Segment…………………………………….0 |—-PCI Bus………………………………………..2 |—-PCI Slot……………………………………….0 |—-PCI function……………………………………1 |—-MAC Address…………………………………….XX:XX:XX:32:06:1f |—-Virtual MAC Address……………………………..00:50:56:52:06:1f |—-FPT Shareable………………………………..true Now as you can see the Virtual MAC Address starts off with a VMware MAC and then finishes at the […]

Dell Compellent and SCSI UNMAP

May 15, 2016 Bilal Ahmed 0

Dead space reclamation (SCSI UNMAP) Basically the UNMAP command is used when you have Thin Provisioned LUNs, you run it against VMFS  5 datastores, hopefully freeing up some space. This will allow the hosts to correctly report the list of deleted blocks on the datastore to the array. It basically is a space reclamation feature that helps reclaim space left by deleted data. The main reasons you would want to run this on all Thin Provisioned LUNs, would be because of: Storage vMotion, VM snapshots and VM deletion. As even though the VM/Snapshot etc has been deleted it doesn’t mean the array is aware of this! It was disabled in ESXi 5.0, due to various issues and enabled in 5.1 by using […]

Setting a persistant scratch location on a ESXi host

May 11, 2016 Bilal Ahmed 0

I noticed one of the hosts had a warning saying that: So basically I did what this KB article said: VMware KB article I had a look at another host, and had a look at the Advanced Settings value for: ScratchConfig.ConfiguredScratchLocation It showed a VMFS volumes /vmfs/volumes/UUID/Scratch folder for that host. So it showed me the UUID such as this: vmfs/volumes/51dda02d-fade5016-8a08-005056171889/HOSTNAME So it looked like there was a folder on this LUN every host! So since I am new to this environment I had to find a way to translate the UUID to the name of the actual SAN datastore being used. I did this by using the: esxcli storage filesystyem list | grep UUID This gave me the actual […]