[No Flash] It seems that for many years , actually probably forever, security professionals have behaved in a totally reactive way when it come to data breaches. For example, if a breach was identified and it was determined that it was an issue with user education then the team would try to educate the user. This whole model is flawed as we are behaving and acting like victims because we really can't see the who, what, when, where and why of attacks that we are going to be targeted with. We need to move from defense to offence when it comes to protecting ourselves.
To be in the mindset of an attacker you need to have answers to the following fundamental questions:
1. What are you most valuable assets? Where are these assets? How can they be accessed?
2. If you were the attacker how would you spread malware? And who are the most 'vulnerable' targets in the organization?
3. Do you have a view on the 'normal' behavior of your organization (people, behavior, locations and systems)?
As outlined in my previous blogs these questions aren't new questions, they are the absolute basics of any sound security program yet we seem to get them wrong all the time and fall victim to attacks. So, it's time to get on the offensive….
Here's a quote from Sun Tzu, the ancient Chinese warrior general who even in those days understood really sound security strategies:
'It has been said before that he who has known both sides has nothing to fear in a hundred fights; he who is ignorant of the enemy, and fixes his eyes only on his own side, conquers, and the next time is defeated, he who not only is ignorant of the enemy, but also of his own resources, is invariably defeated.
________________________________
Original Page: http://emcfeeds.emc.com/l?s=100003s2sm4ns80vcpn&r=googlereader&he=68747470253341253246253246626c6f67732e7273612e636f6d2532466368616e67652d796f75722d6d696e647365742d796f752d6172652d7468652d61747461636b657225324625334675746d5f736f7572636525334472737325323675746d5f6d656469756d25334472737325323675746d5f63616d706169676e2533446368616e67652d796f75722d6d696e647365742d796f752d6172652d7468652d61747461636b6572&i=70726f78793a687474703a2f2f626c6f67732e7273612e636f6d2f3f703d37353139
Sent from Feeddler RSS Reader
Sunday, December 30, 2012
Sunday, December 16, 2012
Free e-learning course - vCenter Operations Manager for View Fundamentals
The vCenter Operations Manager for View Fundamentals course<http://mylearn.vmware.com/mgrreg/courses.cfm?ui=www_edu&a=one&id_subject=40846> covers the key features and benefits of vCenter Operations Manager for View, how to install and configure the product, and how to work with the vCenter Operations Manager for View dashboards.
The course has three modules:
Module 1
Introduction – This module discusses the vCenter Operations Manager for View architecture, business challenges, problems vCenter Operations Manager for View solves, and key features of vCenter Operations Manager for View. In addition, you will learn about the vCenter Operations Manager for View user interface and dashboards, how vCenter Operations Manager for View is packaged and licensed, and about how vCenter Operations Manager for View collects data and metrics.
Module 2
Installing and Configuring vCenter Operations Manager for View – This module covers the vCenter Operations Manager for View design considerations, installation process, and configuration tasks.
Module 3
Working with the vCenter Operations Manager for View Dashboards –This module describes the function of each of the dashboards and how to use the dashboards to troubleshoot system issues.
________________________________
Original Page: http://feedproxy.google.com/~r/Ntpronl/~3/IaI5e40X6rc/2248-Free-e-learning-course-vCenter-Operations-Manager-for-View-Fundamentals.html
Sent from Feeddler RSS Reader
The course has three modules:
Module 1
Introduction – This module discusses the vCenter Operations Manager for View architecture, business challenges, problems vCenter Operations Manager for View solves, and key features of vCenter Operations Manager for View. In addition, you will learn about the vCenter Operations Manager for View user interface and dashboards, how vCenter Operations Manager for View is packaged and licensed, and about how vCenter Operations Manager for View collects data and metrics.
Module 2
Installing and Configuring vCenter Operations Manager for View – This module covers the vCenter Operations Manager for View design considerations, installation process, and configuration tasks.
Module 3
Working with the vCenter Operations Manager for View Dashboards –This module describes the function of each of the dashboards and how to use the dashboards to troubleshoot system issues.
________________________________
Original Page: http://feedproxy.google.com/~r/Ntpronl/~3/IaI5e40X6rc/2248-Free-e-learning-course-vCenter-Operations-Manager-for-View-Fundamentals.html
Sent from Feeddler RSS Reader
Monday, December 10, 2012
Network Core Dump Collector Check with ESXCLI 5.1 - VMware vSphere Blog
The ESXi Dump Collector service is an extremely useful feature to have enabled, this is especially important in a stateless environment where there may not be a local disk for storing core dumps generated during a host failure. By configuring ESXi hosts to send it's core dumps to a remote vSphere Dump Collector<http://blogs.vmware.com/vsphere/2011/07/setting-up-the-esxi-50-dump-collector.html>, it still allows you to collect core dumps which will help VMware Support analyze and determine the root cause of the failure.
In addition, by leveraging the vSphere Dump Collector, it allows you centrally manage core dump collection in your vSphere environment in the rare occasion a host may generate a PSOD (Purple Screen of Death) without having to go out to the host and manually copying the core dump file. A potential challenge that may come up when configuring the ESXi Dump Collector service is how do you go about validating the configuration is correct and that everything will work if a host crashes?
In the past, there was not a very user friendly way of validating ESXi Dump Collector configurations, you had to either resort to triggering an NMI<http://kb.vmware.com/kb/1014767> (Non-Maskable Interrupt) to force a PSOD or even using an unsupported command in the ESXi Shell to forcefully crash a host. In both scenarios, it required a user to crash a host to test the network core dump feature which is not very ideal in my opinion. This can especially be a challenge if you need to validate hundreds if not thousands of ESXi hosts in your environment.
With the release of ESXi 5.1, we have added an enhancement to ESXCLI which now supports the ability to check and validate the dump collector configurations on your ESXi host. This new command is available under:
esxcli system coredump network check
The check operation is not a simple network ping test, but it actually goes out and communicates with the configured vSphere Dump Collector to ensure that it can successfully send core dumps over the network. Let's take a quick look at how this new command works:
vi-admin@vMA51:~> esxcli –server vcenter51 –vihost pod23-esx-01a.pml.local –username root system coredump network set -v vmk0 -i 10.24.140.65 -o 6500<tel:6500>
Enter password:
vi-admin@vMA51:~> esxcli –server vcenter51 –vihost pod23-esx-01a.pml.local –username root system coredump network set -e true
Enter password:
vi-admin@vMA51:~> esxcli –server vcenter51 –vihost pod23-esx-01a.pml.local –username root system coredump network get Enter password: Enabled: true Host VNic: vmk0 Network Server IP: 10.24.140.65
Network Server Port: 6500<tel:6500>
vi-admin@vMA51:~> esxcli –server vcenter51 –vihost pod23-esx-01a.pml.local –username root system coredump network check
Enter password:
Verified the configured netdump server is running
In the above example, the first two commands is just demonstrating a regular network core dump configuration<http://kb.vmware.com/kb/2002955> and after that I perform a "get" operation to display the current configuration on the ESXi host. The final command is using the new check operation and we can see from the output that we have successfully verified the dump collector service is properly configured and running. In case there is an error in your configuration, you may see the following message:
Attempt to contact configured netdump server failed: Configured netdump server did not respond in a timely manner
So how do we go about verifying that there was actual communication between the ESXi host and the vSphere Dump Collector as mentioned earlier and not just a pretty print message? For this, we will need to take a look at the Sphere Dump Collector logs. In this example I am using the VCSA (vCenter Serer Appliance) which already has the vSphere Dump Collector pre-installed. The logs are stored in /var/log/vmware/netdumper/netdumper.log and if you tail the log while performing the checking operation, you should a message similar to this:
2012-12-10T17:33:19.328Z| netdumper| I120: Posting back a status check reply to 10.24.137.77
We can see there is an acknowledgement from the vSphere Dump Collector that it can properly communicate with the ESXi host and it is posting a reply back to the host. Hopefully with this new check command in ESXi 5.1, you no longer have to crash your host to just verify that dump collector service on ESXi is properly configured and working.
If you would like to get more details on how the ESXi Dump Collector service works, you can watch this video here:
For more details on configuring the ESXi network core dump, please refer to this VMware KB<http://kb.vmware.com/kb/2002955> article which also provides links to the ESXCLI documentation.
Get notification of new blog postings and more by following VMware Automation on Twitter: [https://lh6.googleusercontent.com/zhM0tNt5R5_R5eywlKztykwzWKS5Z8l6I6FWfc4-O4G8BNf6eq41NHkCf6Dxt6G7aF6Vq4xC4RXu4NS1aNKDq4PICxx0IzhdZmmHx08Sg00eur4kzPc] @VMWAutomation<http://twitter.com/vmwautomation>
blogs.vmware.com [X] <http://blogs.vmware.com/vsphere/2012/12/network-core-dump-collector-check-with-esxcli-5-1.html> |by William Lam on December 10, 2012
◆
________________________________
Original Page: http://blogs.vmware.com/vsphere/2012/12/network-core-dump-collector-check-with-esxcli-5-1.html
Sent from Feeddler RSS Reader
In addition, by leveraging the vSphere Dump Collector, it allows you centrally manage core dump collection in your vSphere environment in the rare occasion a host may generate a PSOD (Purple Screen of Death) without having to go out to the host and manually copying the core dump file. A potential challenge that may come up when configuring the ESXi Dump Collector service is how do you go about validating the configuration is correct and that everything will work if a host crashes?
In the past, there was not a very user friendly way of validating ESXi Dump Collector configurations, you had to either resort to triggering an NMI<http://kb.vmware.com/kb/1014767> (Non-Maskable Interrupt) to force a PSOD or even using an unsupported command in the ESXi Shell to forcefully crash a host. In both scenarios, it required a user to crash a host to test the network core dump feature which is not very ideal in my opinion. This can especially be a challenge if you need to validate hundreds if not thousands of ESXi hosts in your environment.
With the release of ESXi 5.1, we have added an enhancement to ESXCLI which now supports the ability to check and validate the dump collector configurations on your ESXi host. This new command is available under:
esxcli system coredump network check
The check operation is not a simple network ping test, but it actually goes out and communicates with the configured vSphere Dump Collector to ensure that it can successfully send core dumps over the network. Let's take a quick look at how this new command works:
vi-admin@vMA51:~> esxcli –server vcenter51 –vihost pod23-esx-01a.pml.local –username root system coredump network set -v vmk0 -i 10.24.140.65 -o 6500<tel:6500>
Enter password:
vi-admin@vMA51:~> esxcli –server vcenter51 –vihost pod23-esx-01a.pml.local –username root system coredump network set -e true
Enter password:
vi-admin@vMA51:~> esxcli –server vcenter51 –vihost pod23-esx-01a.pml.local –username root system coredump network get Enter password: Enabled: true Host VNic: vmk0 Network Server IP: 10.24.140.65
Network Server Port: 6500<tel:6500>
vi-admin@vMA51:~> esxcli –server vcenter51 –vihost pod23-esx-01a.pml.local –username root system coredump network check
Enter password:
Verified the configured netdump server is running
In the above example, the first two commands is just demonstrating a regular network core dump configuration<http://kb.vmware.com/kb/2002955> and after that I perform a "get" operation to display the current configuration on the ESXi host. The final command is using the new check operation and we can see from the output that we have successfully verified the dump collector service is properly configured and running. In case there is an error in your configuration, you may see the following message:
Attempt to contact configured netdump server failed: Configured netdump server did not respond in a timely manner
So how do we go about verifying that there was actual communication between the ESXi host and the vSphere Dump Collector as mentioned earlier and not just a pretty print message? For this, we will need to take a look at the Sphere Dump Collector logs. In this example I am using the VCSA (vCenter Serer Appliance) which already has the vSphere Dump Collector pre-installed. The logs are stored in /var/log/vmware/netdumper/netdumper.log and if you tail the log while performing the checking operation, you should a message similar to this:
2012-12-10T17:33:19.328Z| netdumper| I120: Posting back a status check reply to 10.24.137.77
We can see there is an acknowledgement from the vSphere Dump Collector that it can properly communicate with the ESXi host and it is posting a reply back to the host. Hopefully with this new check command in ESXi 5.1, you no longer have to crash your host to just verify that dump collector service on ESXi is properly configured and working.
If you would like to get more details on how the ESXi Dump Collector service works, you can watch this video here:
For more details on configuring the ESXi network core dump, please refer to this VMware KB<http://kb.vmware.com/kb/2002955> article which also provides links to the ESXCLI documentation.
Get notification of new blog postings and more by following VMware Automation on Twitter: [https://lh6.googleusercontent.com/zhM0tNt5R5_R5eywlKztykwzWKS5Z8l6I6FWfc4-O4G8BNf6eq41NHkCf6Dxt6G7aF6Vq4xC4RXu4NS1aNKDq4PICxx0IzhdZmmHx08Sg00eur4kzPc] @VMWAutomation<http://twitter.com/vmwautomation>
blogs.vmware.com [X] <http://blogs.vmware.com/vsphere/2012/12/network-core-dump-collector-check-with-esxcli-5-1.html> |by William Lam on December 10, 2012
◆
________________________________
Original Page: http://blogs.vmware.com/vsphere/2012/12/network-core-dump-collector-check-with-esxcli-5-1.html
Sent from Feeddler RSS Reader
Sunday, December 9, 2012
Video - vCenter Operations Manager Foundation
vCenter Operations Manager Foundation will give you insights and visibility into performance and health of your vSphere infrastructure and is now included free with VMware vSphere. VMware vCenter Operations Management Suite provides automated operations management using patented analytics and an integrated approach to performance, capacity and configuration management.
vCenter Operations Management Suite enables IT organizations to get better visibility and actionable intelligence to proactively ensure service levels, optimum resource usage and configuration compliance in dynamic virtual and cloud environments. vCenter Operations Manager Foundation is the new, entry-level edition of the vCenter Operations Management Suite. It gains deep operational insights and visibility to improve the performance and health of your vSphere environment. vCenter Operations Manager Foundation<http://www.vmware.com/products/datacenter-virtualization/vcenter-operations-manager/buy.html> is included with every vSphere edition free of charge.
________________________________
Original Page: http://feedproxy.google.com/~r/Ntpronl/~3/sTyz3cXgL0s/2236-Video-vCenter-Operations-Manager-Foundation.html
Sent from Feeddler RSS Reader
vCenter Operations Management Suite enables IT organizations to get better visibility and actionable intelligence to proactively ensure service levels, optimum resource usage and configuration compliance in dynamic virtual and cloud environments. vCenter Operations Manager Foundation is the new, entry-level edition of the vCenter Operations Management Suite. It gains deep operational insights and visibility to improve the performance and health of your vSphere environment. vCenter Operations Manager Foundation<http://www.vmware.com/products/datacenter-virtualization/vcenter-operations-manager/buy.html> is included with every vSphere edition free of charge.
________________________________
Original Page: http://feedproxy.google.com/~r/Ntpronl/~3/sTyz3cXgL0s/2236-Video-vCenter-Operations-Manager-Foundation.html
Sent from Feeddler RSS Reader
Monday, December 3, 2012
VMware vSphere: Install, Configure, Manage V5.1
About to start the VMware VCP course, and I’m pretty pumped about it...
Sunday, December 2, 2012
Free e-learning course - VMware vCloud Director Fundamentals [V5.1]
The VMware vCloud Director Fundamentals [V5.1] self-paced course<http://mylearn.vmware.com/mgrReg/courses.cfm?ui=www_edu&a=det&id_course=158926> introduces students to the components, architecture, functions, and benefits of vCloud Director.
The course<http://mylearn.vmware.com/mgrReg/courses.cfm?ui=www_edu&a=det&id_course=158926> consists of the following self-paced modules:
* VMware vCloud Director Overview: In this module, you will learn about cloud and cloud implementations. You will also learn about VMware vCloud Director and its benefits and functions.
* VMware vCloud Director Architecture and Components: This module provides an overview of vCloud Director components, illustrates the vCloud Director architecture, defines vCloud Director component functions, and describes how VMware vShield Edge and VMware vCenter Chargeback are integrated with vCloud Director.
* VMware vCloud Director Installation and Configuration: In this module, you will review vCloud Director components and learn about the prerequisites for vCloud Director installation. You will also learn about the procedure to install and configure vCloud Director. Additionally, you will learn about the post-installation steps.
* VMware vCloud Director Administration: This module covers vCloud Director administration tasks, which include how to create and manage organizations, catalogs, cells, users, roles, and compute resources.
* Network Administration in VMware vCloud Director: In this module, you will learn about vCloud Director network administration tasks such as creating and managing different types of networks. You will also learn about the requirements and constraints of different types of network pools.
* VMware vCloud Director User: In this module, you will learn about deployment and maintenance of vCloud Director that includes understanding how organizations and roles give access to different functions, how to work within the catalogs, and how to use vApp templates.
feedproxy.google.com [X] <http://feedproxy.google.com/~r/Ntpronl/~3/_wj5CAAmZvI/2228-Free-e-learning-course-VMware-vCloud-Director-Fundamentals-V5.1.html>
◆
________________________________
Original Page: http://feedproxy.google.com/~r/Ntpronl/~3/_wj5CAAmZvI/2228-Free-e-learning-course-VMware-vCloud-Director-Fundamentals-V5.1.html
Sent from Feeddler RSS Reader
The course<http://mylearn.vmware.com/mgrReg/courses.cfm?ui=www_edu&a=det&id_course=158926> consists of the following self-paced modules:
* VMware vCloud Director Overview: In this module, you will learn about cloud and cloud implementations. You will also learn about VMware vCloud Director and its benefits and functions.
* VMware vCloud Director Architecture and Components: This module provides an overview of vCloud Director components, illustrates the vCloud Director architecture, defines vCloud Director component functions, and describes how VMware vShield Edge and VMware vCenter Chargeback are integrated with vCloud Director.
* VMware vCloud Director Installation and Configuration: In this module, you will review vCloud Director components and learn about the prerequisites for vCloud Director installation. You will also learn about the procedure to install and configure vCloud Director. Additionally, you will learn about the post-installation steps.
* VMware vCloud Director Administration: This module covers vCloud Director administration tasks, which include how to create and manage organizations, catalogs, cells, users, roles, and compute resources.
* Network Administration in VMware vCloud Director: In this module, you will learn about vCloud Director network administration tasks such as creating and managing different types of networks. You will also learn about the requirements and constraints of different types of network pools.
* VMware vCloud Director User: In this module, you will learn about deployment and maintenance of vCloud Director that includes understanding how organizations and roles give access to different functions, how to work within the catalogs, and how to use vApp templates.
feedproxy.google.com [X] <http://feedproxy.google.com/~r/Ntpronl/~3/_wj5CAAmZvI/2228-Free-e-learning-course-VMware-vCloud-Director-Fundamentals-V5.1.html>
◆
________________________________
Original Page: http://feedproxy.google.com/~r/Ntpronl/~3/_wj5CAAmZvI/2228-Free-e-learning-course-VMware-vCloud-Director-Fundamentals-V5.1.html
Sent from Feeddler RSS Reader
Free e-learning course - vSphere Data Protection and Recovery Fundamentals [V5.1]
The vSphere Data Protection and Recovery course<http://mylearn.vmware.com/mgrReg/courses.cfm?ui=www_edu&a=det&id_course=158916> provides information about vSphere Storage APIs and the Data Recovery backup and recovery solution for virtual machines and describes the technologies used by Data Recovery. The course<http://mylearn.vmware.com/mgrReg/courses.cfm?ui=www_edu&a=det&id_course=158916> consists of the following self-paced modules:
* VMware Data Recovery Overview: This module provides information about vSphere Storage APIs and the Data Recovery backup and recovery solution for virtual machines. In addition, the module explains the components of the Data Recovery tool and their installation and configuration.
* Working with VMware Data Recovery: This module describes the technologies used by Data Recovery. In addition, the module explains the steps to create backup and restore jobs, as well as the requirements and guidelines for using Data Recovery.
feedproxy.google.com [X] <http://feedproxy.google.com/~r/Ntpronl/~3/3X6mAnKdxZE/2229-Free-e-learning-course-vSphere-Data-Protection-and-Recovery-Fundamentals-V5.1.html>
◆
________________________________
Original Page: http://feedproxy.google.com/~r/Ntpronl/~3/3X6mAnKdxZE/2229-Free-e-learning-course-vSphere-Data-Protection-and-Recovery-Fundamentals-V5.1.html
Sent from Feeddler RSS Reader
* VMware Data Recovery Overview: This module provides information about vSphere Storage APIs and the Data Recovery backup and recovery solution for virtual machines. In addition, the module explains the components of the Data Recovery tool and their installation and configuration.
* Working with VMware Data Recovery: This module describes the technologies used by Data Recovery. In addition, the module explains the steps to create backup and restore jobs, as well as the requirements and guidelines for using Data Recovery.
feedproxy.google.com [X] <http://feedproxy.google.com/~r/Ntpronl/~3/3X6mAnKdxZE/2229-Free-e-learning-course-vSphere-Data-Protection-and-Recovery-Fundamentals-V5.1.html>
◆
________________________________
Original Page: http://feedproxy.google.com/~r/Ntpronl/~3/3X6mAnKdxZE/2229-Free-e-learning-course-vSphere-Data-Protection-and-Recovery-Fundamentals-V5.1.html
Sent from Feeddler RSS Reader
Free vCenter Operations Manager General Available - Eric Sloof
vCenter Operations Manager Foundation will give you insights and visibility into performance and health of your vSphere infrastructure and is now included free with VMware vSphere. VMware vCenter Operations Management Suite provides automated operations management using patented analytics and an integrated approach to performance, capacity and configuration management.
vCenter Operations Management Suite enables IT organizations to get better visibility and actionable intelligence to proactively ensure service levels, optimum resource usage and configuration compliance in dynamic virtual and cloud environments. vCenter Operations Manager Foundation is the new, entry-level edition of the vCenter Operations Management Suite. It gains deep operational insights and visibility to improve the performance and health of your vSphere environment. vCenter Operations Manager Foundation<http://www.vmware.com/products/datacenter-virtualization/vcenter-operations-manager/buy.html> is included with every vSphere edition free of charge.
feedproxy.google.com [X] <http://feedproxy.google.com/~r/Ntpronl/~3/6xNnSipzFFo/2230-Free-vCenter-Operations-Manager-General-Available.html>
◆
________________________________
Original Page: http://feedproxy.google.com/~r/Ntpronl/~3/6xNnSipzFFo/2230-Free-vCenter-Operations-Manager-General-Available.html
Sent from Feeddler RSS Reader
vCenter Operations Management Suite enables IT organizations to get better visibility and actionable intelligence to proactively ensure service levels, optimum resource usage and configuration compliance in dynamic virtual and cloud environments. vCenter Operations Manager Foundation is the new, entry-level edition of the vCenter Operations Management Suite. It gains deep operational insights and visibility to improve the performance and health of your vSphere environment. vCenter Operations Manager Foundation<http://www.vmware.com/products/datacenter-virtualization/vcenter-operations-manager/buy.html> is included with every vSphere edition free of charge.
feedproxy.google.com [X] <http://feedproxy.google.com/~r/Ntpronl/~3/6xNnSipzFFo/2230-Free-vCenter-Operations-Manager-General-Available.html>
◆
________________________________
Original Page: http://feedproxy.google.com/~r/Ntpronl/~3/6xNnSipzFFo/2230-Free-vCenter-Operations-Manager-General-Available.html
Sent from Feeddler RSS Reader
Subscribe to:
Posts (Atom)