Layer 8 and 9 of the OSI model - Budget and Politics
:))))))))))))))
pondelok 27. septembra 2010
piatok 17. septembra 2010
Pouzivat vMA ako log server?
Zdroj:
Using vMA As Your ESXi Syslog Server
http://www.simonlong.co.uk/blog/2010/05/28/using-vma-as-your-esxi-syslog-server/
Using vMA as a syslog server to collect ESX and ESXi logs
http://kb.vmware.com/kb/1024122
Je vhodne pouzivat samostatny log server ako napriklad riesenie syslog-ng, http://www.balabit.com/network-security/syslog-ng/
Using vMA As Your ESXi Syslog Server
http://www.simonlong.co.uk/blog/2010/05/28/using-vma-as-your-esxi-syslog-server/
Using vMA as a syslog server to collect ESX and ESXi logs
http://kb.vmware.com/kb/1024122
Je vhodne pouzivat samostatny log server ako napriklad riesenie syslog-ng, http://www.balabit.com/network-security/syslog-ng/
Ake je doporucenie pre Transparent page sharing pri virtualizovanych Terminal Services?
vSphere’s ability to overcommit VM memory and memory de-duplication through transparent page sharing (TPS) is highly useful for the consolidation of many VM’s on a single server, especially within Server Hosted Virtual Desktop scenario’s. Nevertheless, one of the older Terminal Server best practices floating around the internet communities was to disable TPS. Project VRC phase 1 showed that disabling
TPS improved performance by 5%. This is understandable, since TPS is possible through a background process which is scanning memory, and this consumes a modest amount of CPU. However, the performance impact of TPS was only visible with full CPU loads. TPS has no performance impact under normal conditions.
Before the update of this whitepaper, Project VRC concluded: when it is the primary objective to maximize the amount of users with TS workloads and there is enough physical memory available, it is recommended to disable TPS. However, this VRC recommendation should not be understood as an overall recommendation to disable TPS. For instance, when maximizing the amount of VM’s is the main goal (this is quite common, e.g. VDI and rather typical server consolidation efforts), TPS can be very helpful. It is important to note that VMware does not recommend disabling TPS, their publications have shown TPS does not impact performance.
Zdroj:
Virtual Reality Check
http://www.projectvrc.nl/
TPS improved performance by 5%. This is understandable, since TPS is possible through a background process which is scanning memory, and this consumes a modest amount of CPU. However, the performance impact of TPS was only visible with full CPU loads. TPS has no performance impact under normal conditions.
Before the update of this whitepaper, Project VRC concluded: when it is the primary objective to maximize the amount of users with TS workloads and there is enough physical memory available, it is recommended to disable TPS. However, this VRC recommendation should not be understood as an overall recommendation to disable TPS. For instance, when maximizing the amount of VM’s is the main goal (this is quite common, e.g. VDI and rather typical server consolidation efforts), TPS can be very helpful. It is important to note that VMware does not recommend disabling TPS, their publications have shown TPS does not impact performance.
Zdroj:
Virtual Reality Check
http://www.projectvrc.nl/
štvrtok 16. septembra 2010
Bezpecnost VLAN
Try not to use VLANs as a mechanism for enforcing security policy. They are great for segmenting networks, reducing broadcasts and collisions and so forth, but not as a security tool.
If you MUST use them in a security context, ensure that the trunking ports have a unique native VLAN number.
Zdroj:
Intrusion Detection FAQ: Are there Vulnerabilites in VLAN Implementations? VLAN Security Test Report
http://www.sans.org/security-resources/idfaq/vlan.php
The security of VLAN technology has proven to be far more reliable than its detractors had hoped for and only user misconfiguration or improper use of features have been pointed out as ways to undermine its robustness.
The most serious mistake that a user can make is to underestimate the importance of the Data Link layer, and of VLANs in particular, in the sophisticated architecture of switched networks. It should not be forgotten that the OSI stack is only as robust as its weakest link, and that therefore an equal amount of attention should be paid to any of its layers so as to make sure that its entire structure is sound.
Zdroj:
VLAN Security White Paper
http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml
If you MUST use them in a security context, ensure that the trunking ports have a unique native VLAN number.
Zdroj:
Intrusion Detection FAQ: Are there Vulnerabilites in VLAN Implementations? VLAN Security Test Report
http://www.sans.org/security-resources/idfaq/vlan.php
The security of VLAN technology has proven to be far more reliable than its detractors had hoped for and only user misconfiguration or improper use of features have been pointed out as ways to undermine its robustness.
The most serious mistake that a user can make is to underestimate the importance of the Data Link layer, and of VLANs in particular, in the sophisticated architecture of switched networks. It should not be forgotten that the OSI stack is only as robust as its weakest link, and that therefore an equal amount of attention should be paid to any of its layers so as to make sure that its entire structure is sound.
Zdroj:
VLAN Security White Paper
http://www.cisco.com/en/US/products/hw/switches/ps708/products_white_paper09186a008013159f.shtml
utorok 14. septembra 2010
Zvonia desktopom do hrobu?
Zaujimavy clanok vo Forbes ohladne buducnosti pracovnych stanic:
Zdroj: http://www.forbes.com/forbes/2009/1228/technology-virtualization-vmware-wyse.html
Zdroj: http://www.forbes.com/forbes/2009/1228/technology-virtualization-vmware-wyse.html
pondelok 13. septembra 2010
Ako rozbehat vSphere Command-Line Interface (vSphere CLI)
Pomoc pri chybovej hlaske pri prvom pouziti vSphere Command-Line Interface (vSphere CLI) z Microsoft Windows prostredia.
* Open your CLI command prompt as Administrator. Type ppm and hit enter (Perl Package Manager).
* Now look for a module called Crypt-SSLeay. You’ll see that CLI’s bundled ActivePerl distribution includes version 0.53, but there is a newer version 0.57 available:ActiveState Perl PPM
* Remove this as shown, then go to File -> Run Marked Actions
* Click on the grey box icon on the left of the toolbar. These are available packages which are not currently installed. Search for Crypt-SSLeay once again, install, and Run Marked Actions. Exit.
Nasledne mozete skusit priklad prveho prikazu:
vicfg-nics.pl --server serveresxbratislava --username "fero" --password "alfanumerickyretazec" --list
Prikaz vypise fyzicke sietove adaptery.
Zdroj:
vSphere Command-Line Interface Documentation
http://www.vmware.com/support/developer/vcli/
vSphere CLI libeay32.dll error on Windows
http://pcloadletter.co.uk/2010/07/27/vsphere-cli-libeay32-dll-error/
* Open your CLI command prompt as Administrator. Type ppm and hit enter (Perl Package Manager).
* Now look for a module called Crypt-SSLeay. You’ll see that CLI’s bundled ActivePerl distribution includes version 0.53, but there is a newer version 0.57 available:ActiveState Perl PPM
* Remove this as shown, then go to File -> Run Marked Actions
* Click on the grey box icon on the left of the toolbar. These are available packages which are not currently installed. Search for Crypt-SSLeay once again, install, and Run Marked Actions. Exit.
Nasledne mozete skusit priklad prveho prikazu:
vicfg-nics.pl --server serveresxbratislava --username "fero" --password "alfanumerickyretazec" --list
Prikaz vypise fyzicke sietove adaptery.
Zdroj:
vSphere Command-Line Interface Documentation
http://www.vmware.com/support/developer/vcli/
vSphere CLI libeay32.dll error on Windows
http://pcloadletter.co.uk/2010/07/27/vsphere-cli-libeay32-dll-error/
Sledujte VMware User Group, takzvanu VMUG: Slovak User Group
Pozdravujem vsetkych,
chcem len upozornit na existenciu VMware User Group, takzvanu VMUG: Slovak User Group
Prispel som do tejto komunity nasledujucim navrhom:
http://communities.vmware.com/thread/284315
Link na VMware User Group, takzvanu VMUG: Slovak User Group:
http://communities.vmware.com/community/vmug/forums/emea/slovak
chcem len upozornit na existenciu VMware User Group, takzvanu VMUG: Slovak User Group
Prispel som do tejto komunity nasledujucim navrhom:
http://communities.vmware.com/thread/284315
Link na VMware User Group, takzvanu VMUG: Slovak User Group:
http://communities.vmware.com/community/vmug/forums/emea/slovak
Prihlásiť na odber:
Príspevky (Atom)
Príspevky
