Over the last couple of months, Sander, Anne Jan and I have been working on a security whitepaper that lays out a practical implementation of zero trust while interfacing with a helpdesk system. In this case, OTRS.
It’s all about how engineers can get access to servers to perform maintenance, once your environment is properly micro-segmented. This whitepaper talks about the challenges you have when you’re micro-segmented and how you can resolve these challenges. Using OTRS as an example, this document lays out how to configure a help desk system like OTRS to interface with NSX to gain network … Read more
Hopefully you’ve heard the good news that VMware has acquired VeloCloud, including SD-WAN into the software-defined portfolio. This is especially exciting to me, as I get to branch out a little more into the WAN space, being in the Networking & Security BU. For me, it also means NEW TOYS! 🙂
VeloCloud primarily runs on hardware in a few flavors (no software without hardware), but they also have a VM form factor (which I’m sure will get extra attention in the future). I managed to get a hold of an OVA to run in my lab. While you … Read more
PowerShell is about making things easy and consumable. Same goes for PowervRNI, making repetitive tasks in vRealize Network Insight easier and make it possible to extract information from vRNI.
It’s not that easy to load a custom module into PowerShell though, you have to download 1 or 2 files, then load it into your PowerShell session by referencing those local files. The PowerShell Gallery is a pretty awesome way to also make module management very easy. All you have to do is use the Install-Module command and it downloads and installs the module for you.
For the module authors, … Read more
There was a line in the NSX 6.4 release notes that caught my eye: “Support for BGP and static routing over GRE tunnels.” – First thought was “awesome, dynamic routing over a VPN”. But then I realized that that GRE tunnel in itself is a new feature as well, which the release notes don’t really mention. The VMware Docs website also doesn’t mention anything about it.
After a bit of digging, it appears that this feature has been added primarily to support the VMware on AWS architecture and connectivity towards that platform. But that doesn’t mean us mortals can’t use … Read more
This is the second post in a series on how to use PowervRNI to manage Applications within your vRealize Network Insight environment. If you’d like to learn about managing Data Sources with PowervRNI, check here.
Introduced in vRealize Network Insight 3.2 in the begin of 2017, Applications are logical containers which can contain the structure of applications (including tiering). You can use these application containers to better visualize what network flows are going between specific applications or even application tiers. Next to insights into your applications, you can also use it to take a per-application approach to micro-segmentation, … Read more
After attending CiscoLive EMEA in Barcelona last week, I wanted to get the break-out presentations for reference and to revisit sessions I couldn’t make it to. While the CiscoLive website isn’t bad, it’s not great either and I found myself spending too much time to search and go through the available presentations.
Luckily, the content catalogue seemed to use an open API with a central repository of all session data (including the session id, title and PDF url). I was able to grab it and parse it into a simple list of session id, title, type and category with a … Read more
This is the first post in a series on how to use PowervRNI to manage your vRealize Network Insight environment. Starting with Data Sources.
Brief background; data sources in vRNI are endpoints from which vRNI retrieves information from. Examples are: vCenter, NSX, Switches, Routers, Firewalls, an AWS account or converged infrastructure systems like Cisco UCS or HP OneView.
Adding data sources is usually only performed when vRNI is installed into the environment and every time a new endpoint is added to your environment (for example a new vCenter environment, or when a new switch is plugged in).… Read more