Bitdefender – True Agentless protection

June 13, 2017 Kim Bottu 0

Last week I was in London at the InfoSecurity convention having a look what is happening in the security world. If you have never attended InfoSecurity, it is a free event where most of the presentations are a bit loaded on the marketing side.  Of course there are always exceptions. The 2-hour workshops are truly gems. At least the workshops which I did attend to. What if you could protect VM’s without agents or without any other piece of installed software? The workshop which really caught my attention was the workshop presented by Andrei IONESCU and Adrian Liviu ARSENE who are both employed by Bitdefender: ‘Data Center Security – HYPERVISOR INTROSPECTION’. Starting with explaining how external and internal threats are evolving they quickly moved on to explain how their […]

No Image

Journey to VCIX-NV – Part 4 – DLR Control VM SSH Access

August 25, 2016 Shady ElMalatawey 0

So, in this this stage I wanted to test the Distributed Logical Router (DLR) setup. The DLR is one of two types of routers available in NSX Platform and is mainly used in East-West traffic routing to avoid the traffic hair-pinning which can occur in normal centralized routing. For more info, check Roie ben Haim‘s marvelous article about the DLR here. The DLR consists mainly of two components: The Control VM (CVM) which is an Edge Services Gateway (ESG) built specifically to handle routing. Like any normal physical router, this is the SUP module that does all routing stuff (calculating routes and neighboring) and owns the routing tables. tThe CVM isn’t a part of the Data path. The Kernel modules in the ESXi Hosts: This module does […]

No Image

Journey to VCIX-NV – Part 3 – Transport Zones, Clusters and Distributed Switches: Relation and Design Aspects

August 22, 2016 Shady ElMalatawey 0

At this point, I started deploying the basic block of any NSX implementation: Logical Switches. Logical Switches are deployed as a virtual distributed port group on your vSphere Distributed Switch (vDS). Logical Switches are deployed within a logical entity called Transport Zone. This Transport Zone can span one or more clusters and single host can’t be added to the Transport Zone. Couple of thoughts jumped to my mind: what is the limit of a Transport Zone? and How does it represent a logical boundary for your NSX implementation? What is the relation between it and both of added clusters and the vDS(es) in the environment? How do all of that affect my design any NSX implementations? To answer my thoughts together, let’s […]

Journey to VCIX-NV – Part 2 – Deploying and Editing NSX Controllers Settings

July 26, 2016 Shady ElMalatawey 0

The next components to deploy are the NSX Controllers. These are the main components of the NSX Platform Control Plane. NSX Controllers can be deployed as a single instance (not recommended for production) or in a cluster of three nodes. They’re deployed by the NSX Manager itself, with just few clicks in the NSX Manager GUI. For lab environments, you can deploy just a single instance of the NSX Controller and you will be fine. If you want to deploy three of them, you might hit a problem with resource contention, because it requires 4 vCPUs, 4 GB of RAM and 2 GB RAM Reservation by default and you can’t edit the VM Settings. I found a blog post of Tom Fojta about downsizing NSX Controllers (In […]

Journey to VCIX-NV – Intro

July 23, 2016 Shady ElMalatawey 0

This is my series regarding my journey towards VCIX-NV. This series is not about giving you a full hands-on guide for the exam as many have already done this well, but this is only about adding more remarks about the lab issues and other useful resources. For those who don’t know VCIX-NV is a practical-lab certification for VMware NSX. To be able to pass the exam you will need a home-lab or some old servers at work which have been setup with vSphere and NSX so you can get your hands dirty. This is just an introduction I will list my used resources, my home lab configuration and a short description of what my virtual lab is gonna be like. Used Resources: VMware […]

Journey to VCIX-NV – Part 1 – Deploying NSX Manager on VMware Workstation

July 23, 2016 Shady ElMalatawey 0

The VMware NSX Manager is the first component you have to deploy. The NSX Manager represents the Management Plane of this platform and enables you to use the NSX Platform. Usually the NSX Manager is deployed by importing OVA File on vCenter Server or ESXi Host. When you follow the installation wizard for OVA/OVF it allows you to add network information, an admin account  password and a Privileged CLI  password. As described in my intro post, and for my lab purposes I have deployed the NSX Manager directly in VMware Workstation. However, VMware Workstation doesn’t allow you to enter this information and hence you will have to manually edit it using the CLI on the NSX Manager itself. First, import the OVA File downloaded from […]

REVIEW: Learning VMware NSX Book by Ranjit Singh Thakurratan

July 11, 2016 Shady ElMalatawey 0

This book is one of the first books about VMware NSX 6.2. Being to the point and not too big a book, this book is really one of the resources you should have in your library if you’re using VMware NSX. Let us have a quick look at the book contents This book has nine chapters: Chapter 1: An introduction into Network Virtualization concepts and NSX-V. It also includes the only current (albeit inofficial) reference for NSX 6.2 Configuration Maximums. Chapter 2: An introduction into NSX components which is a simple and smooth entrance to the world of VMware NSX. This includes also a good explanation of the VXLAN concepts. It also gives an overview of the much anticipated new feature: Cross-vCenter NSX. Chapter 3: This chapter explains […]

NSX 6.2 + vSphere 6+ SRM

May 1, 2016 Kim Bottu 0

Since NSX has replaced vShield in the VCAP6-DCV DESIGN exam, we have to know the topology of how NSX integrates with vSphere. Hany Michael has done all the hard work and has placed the diagrams online. You can find them here. Michael hosts the full Quality picture on his site as a PDF. Please click the linkand generate some traffic on his site! NetSkyX-NSX62-vRA70-SRM60-vS60-ReferanceArchitecture-W14.pdf http://www.networkskyx.com/ http://www.networkskyx.com/wp-content/uploads/2016/01/NetSkyX-NSX62-vRA70-SRM60-vS60-ReferanceArchitecture-W14.pdf http://www.networkskyx.com/wp-content/uploads/2016/01/NetSkyX-NSX62-vRA70-SRM60-vS60-ReferanceArchitecture-W14.pdf