Data Center

Being the Silver Lining in a Multi Cloud world

As part of our vCAN partner guest blog series, John Coulston, Rackspace Alliances Director in EMEA, talks about being part of our VMware cloud provider network and the future opportunity of the cloud for Rackspace customers

No longer are enterprise organisations asking whether they need cloud technology, that&#rsquo;s now an accepted IT delivery methodology for most CIOs and CTOs. In a multi-cloud world, the question is how to choose the right combination of clouds to meets the needs of customers and employees, to help keep the IT function at the forefront of innovation and responsive to competition.

The technical challenge a business faces to integrate their on-premise architecture with their multiple cloud deployments, whilst at the same time align their commercial growth plans, simplify operations and achieve cost savings. It can perhaps be overwhelming for some companies:

  • Which applications and workloads should be moved into the cloud?
  • In which sequence should these be migrated?
  • How can this be achieved without causing the business disruption or downtime?

These are all questions businesses want answered, but to get it right the first time they need specialists on hand to ensure the answer is specifically tailored to their organization. After all, no business is the same – and no single approach can be used by every company.

Move with the Times

We&#rsquo;re fully aligned with VMware&#rsquo;s Cross-Cloud vision because we feel the ultimate cloud experience should be fast, simple and integrated. We are seeing significant double-digit demand for hybrid, multi-cloud managed environments. Customers are increasingly keen to balance the speed and cost savings of the public cloud with the functionality and security of the private cloud. So much so, in fact, that we are opening a new Rackspace data center in Germany using VMware&#rsquo; Cloud Foundation.

We&#rsquo;ve helped GoHenry reap the rewards of VMware&#rsquo;s private cloud. GoHenry is a UK FinTech company that helps parents educate their children in financial control using intelligent smartphone apps and specific types of cards to manage their money better. GoHenry&#rsquo;s leadership team wanted a flexible, scalable technology, but one that would keep its data secure. VMware ticked all of those boxes, but the company could not afford to devote the necessary time to managing its data centers itself. That&#rsquo;s where we stepped in with our Managed Private Cloud. Using Managed Virtualization from VMware, we gave GoHenry everything it needs to focus on its business while being confident its infrastructure is working properly. We take care of its entire cloud operation – from capacity to ad hoc requirements, leaving them to focus on their core business. Rackspace uses VMware technology to design, modify and upgrade applications so it always works efficiently and securely anywhere in the world. GoHenry was migrated by Rackspace in just a weekend, on time, on budget and with no disruption.

Business Made Simple

Rackspace helps customers move off-premise to the cloud, from VMware on premise to VMware cloud, and therefore preserve their capital investment in VMware technologies as well as adopt and integrated new features available in the VMware cloud environment. The deep collaboration between VMware and Rackspace helps us to propose innovative ideas to our customers without customers incurring retooling expenses, development risks, headcount, plus reducing security concerns. We help our customers gain real benefits from moving to the cloud without all the hassle, and ultimately that translates into faster project migration timescales. After the migration, customers ask us to continue to operate their different clouds for them because of our expertise, freeing up their time and resource to focus on their main core strategic areas. One of the great things about Rackspace is that we are more than just a 24/7 infrastructure ops team - our GSS consultancy team offer future strategy analysis and planning to help companies maximise their clouds. Our customers can enjoy all the benefits of the cloud, without worrying about the time and hassle of looking after them. Clients get access to customised hardware, plus a choice of management and control levels.

A pivotal role Rackspace provides customers is in helping reduce the complexity of their multi cloud environment. We can offer to manage it for them from one centralised system. But it&#rsquo;s not just the way we manage these cloud environments that sets up apart, it&#rsquo;s the ability to manage the many complex tools and applications that run on top of them as well.

Customers choose VMware as platform of choice – whether private or public – as the technology has evolved to such an extent that customers can consume cloud in a seamless way and move in a real dynamic way. Whether it is for extra bursting capacity or as a DevOps environment.

Partnering for Success

As part of VMware&#rsquo;s global vCloud Air Network (vCAN), Rackspace is a strategic global VCAN partner - the silver lining to VMware&#rsquo;s Cross-Cloud vision – for all companies to have the ability to run applications across clouds and devices in a common operating environment. vCAN is the ideal way to develop, promote and sell hosted services such as Infrastructure-as-a-Service (IaaS), Desktop-as-a-Service (DaaS), Disaster Recovery as a Service (DRaaS), Backup and Replication-as-a-Service, Storage as a Service, and various other cloud services.

VMware has always led the industry in terms of R&D investment into cloud technologies, security and digital innovation. Rackspace have been providing a VMware-based managed cloud on a global scale for over a decade and add our passion to deliver an exceptional support and end user experience up and down the entire stack. It&#rsquo;s really resonating with customers - the business has grown rapidly for us.

We want to be ready to be called upon when enterprises are ready to take the next step in their cloud journey – and that means a strong partnership between Rackspace and VMware. It&#rsquo;s a VMware Cross-Cloud, but every Cross-Cloud needs someone to bring it to fruition – and that&#rsquo;s where we&#rsquo;re VMware&#rsquo;s silver lining.

[END]

Blog Footer Notes:

Rackspace will be attending VMworld Europeto showcase their VMware cloud expertise with a combination of theatre presentations, breakout workshops and 1to1 individual appointments.

VMworld Europe in Barcelona in September is a unique opportunity for companies and organisations to engage with VMware senior executives, CIOs and tech experts to hear their insights across four business-critical topics: modernizing the data center, integrating public clouds, empowering the digital workspace and transforming security.

For insights into our VMware partner ecosystem and to read the latest guest blogs, take a look at the series here, or visit the VMware Partner Network website.

Read more..

vSAN 6.6 – why it presents the strongest partner opportunity yet

Rory Choudhuri, Product Marketing Director at VMware discusses vSAN 6.6 and the HCI conversations partners can start having with stakeholders at all levels

In April, we launched the latest vSAN product update – vSAN 6.6. vSAN is one of the most disruptive technologies in the infrastructure stack. More than 8,000 customers have already chosen to transform their data center, opting to virtualize their storage function and entrust their most important workloads to vSAN. The implementation sees the data centre transformed through a hyper-converged infrastructure, which combines server, storage and network functions, all managed via a software layer to help companies lower TCO, evolve without risk, and scale so they can prepare for any workload. And, of course, for that reason, we want our partners on the journey with us as you sell the solutions to your own customers.

We&#rsquo;ve deliberately developed our vSAN6.6 kits with both the customer and partner in mind. Four new HCI Kit bundles provide an easy way for customers to get started with HCI – converging physical storage onto industry-standard servers – because they contain all the essential software needed to deploy a software-defined HCI solution. A customer can purchase any of these HCI software kits and deploy it on certified hardware from the server vendor of their choice. This simplifies the purchasing process for our channel partners, giving them a single software SKU for HCI. vSAN really does pose one of the strongest current opportunities for partners. With a HCI environment, the sales cycle tends to be turned around in 90 days. When you consider that a traditional storage solution takes around nine months, that means you can get things up and running far quicker.

What do you need to look out for when having conversations with your customers? How do you spot the perfect opportunity to start discussing a move to a hyper-converged infrastructure with vSAN 6.6? These are the things to look out for:

  1. Budget constraints

Your customer has told you they&#rsquo;re concerned with the amount they are currently spending on storage – and won&#rsquo;t be able to sustain their current spending levels. Yet storage requirements are increasing 50% YoY – something has to change. By simplifying the storage function, vSAN significantly reduces Capex and Opex.

  1. Stretched resources and increased management complexity

They&#rsquo;re finding managing infrastructure in siloes not just increasingly complicated, but it&#rsquo;s getting harder to get a true overview of what&#rsquo;s happening across the estate. On top of that, their resources are limited – who has the time to manage silo by silo? Hyper-convergence breaks down these siloes, bringing all infrastructure into one place

  1. Their old infrastructure can&#rsquo;t help them evolve quick enough

We all know how quickly businesses need to be able to move to be competitive – are your customers saying that their infrastructures aren&#rsquo;t future-ready and can&#rsquo;t help them scale in time?

  1. Put the app in charge

Instead of individually configuring LUNs, and relying on your storage admin/architect, set storage policies for the environment. Let the software run the process, both for day 1 set up and ongoing day 2 management. Put the app in charge – that&#rsquo;s what defines the requirement after all.

vSAN 6.6 readily forms the basis of conversations with a number of stakeholders across the business, but they&#rsquo;re going to want to focus on different things. Here are our tips on the conversations you can lead with different people across your client organisations – and the benefits we see attracting each one.

CxO

&#rsquo;vSAN can help you seamlessly evolve to a secure modern datacenter designed for tomorrow&#rsquo;s IT needs, at half the cost.&#rdquo;

IT Director/VP

&#rsquo;With vSAN, IT spend can instead to go to strategic initiatives that actually meet business

demand, rather than paying to keep the lights on.&#rdquo;

Infrastructure team

&#rsquo;vSAN offers performance and high resiliency for all types of workloads, including business-critical applications. It also has the bonus of running on the same technologies you&#rsquo;re already familiar with – if you know vSphere, you know vSAN.&#rdquo;

Storage Lead/Admin

&#rsquo;vSAN 6.6 will let you simplify capacity planning by scaling compute and storage in tandem.&#rdquo;

We&#rsquo;re keen to work with our partners to help them help us make it even more successful. vSAN has recently won three industry awards for being the Product of the Year in this space. With the kits we&#rsquo;ve put together to help partners sell vSAN 6.6, now really is a great opportunity for our channel to get out there and start selling the software. Want more information on selling vSAN?

  • Start with the Partner-Led vSAN Assessment: com/go/VSANassessment
  • Visit Partner Central, or com/go/virtual-san
  • Contact your VMware Partner Specialist at or your VMware Distributor

Read more..

Why a Modern Data Center is Essential for the Digital Economy

Digital disruption is turbo-charging the pace of business, and the companies that survive and thrive will be those that can innovate fastest. Line-of-business leaders and developers are reaching out to your IT team for help. To stay competitive, you need to give them rapid access to the services, apps, and resources they need for today&#rsquo;s dynamic market—and tomorrow&#rsquo;s new demands.

If this sounds daunting, you&#rsquo;re not alone. A Gartner survey found that 59 percent of IT professionals believe that their IT organizations are unprepared for the digital business of the next two years. Building an IT environment that can support changing business imperatives isn&#rsquo;t easy. You&#rsquo;re facing:

  • Complex, heterogeneous environments that can slow you down
  • Operational and compliance risks from cloud siloes and outdated management
  • Static or shrinking IT budgets

How can you tackle these challenges? Employing a software-defined approach to modernizing the data center can position you to deliver infrastructure, applications, data, and IT services—on demand, with improved agility.

Click here to read our new white paper, &#rsquo;Future Proof Your Data Center.&#rdquo;

Toward a modernized data center

VMware provides a path toward a modernized data center that starts by focusing on two IT initiatives: modernizing the infrastructure through best-in-class compute, storage, and network virtualization technologies; and automating IT operations with industry-leading cloud management.

Modernize infrastructure

A modern infrastructure lets you extend the efficiency of virtualization across the entire data center, including compute, storage, and networking layers, with common management across all three. It&#rsquo;s based on a software-defined infrastructure built on hyper-converged architecture that reaches across private and public clouds, minimizing IT risks and lowering costs. With a modernized infrastructure, you can:

  • Evolve the data center without risk
  • Lower total cost of ownership
  • Scale to grow with the business

Automate IT

IT automation is the second key initiative to modernize the data center. Although compute virtualization lets you apply some degree of automation to provisioning compute and storage resources, configuring associated network and security services still requires manual processes that are simply too slow.

By virtualizing and automating the delivery of IT services, you can:

  • Automate for full-stack provisioning of infrastructure and applications
  • Virtualize networking and security components into the hypervisor layer
  • Streamline infrastructure and application lifecycle management

Take advantage of new opportunities

VMware is the industry leader in virtualization and cloud technologies, and we can help you take the next steps toward a modernizing your data center. Our solution portfolio helps you build a software-defined environment of natively integrated compute, storage, and network virtualization technologies with automation and management, to support any workload—from traditional enterprise applications to modern cloud-native applications.

To learn more about the benefits a modernized data center can bring to your entire organization, read our new white paper, &#rsquo;Future Proof Your Data Center.&#rdquo;

Discover further:

  • Visit our website for more information about modernizing data centers.
  • Experience VMware technology first hand with our Hands-On Labs catalogue.
  • You may also like our other blog articles:
  • Network Virtualization For Dummies
  • Secure the Digital Workspace For Dummies

Read more..

Use a Zero Trust Approach to Protect Against WannaCry

Micro-segmentation with VMware NSX compartmentalizes the data center to contain the lateral spread of ransomware attacks such as WannaCry

On May 12 2017,reports began to appear of theWannaCrymalware attacking organizations worldwide in one of the largest ransomware cyber incidents to date. TheEuropean Union Agency for Law Enforcement Cooperation (Europol) has reported more than 200,000 attacks in over150 countries and in 27 languages byWannaCry, with the full scope of the attack yet to be determined.Victims include organizations from all verticals.

WannaCrytargets Microsoft Windows machines, seizing control of computer systems through a critical vulnerability in Windows SMBand RDP. It encrypts seized systems and demands a ransom be paid before decrypting the system and giving back control. The threat propagates laterally to other systems on the network via SMB or RDP and then repeats the process. An initial analysis ofWannaCryby the US Computer Emergency Readiness Team (US-CERT) can be foundhere.

One foundational aspect of increasing cybersecurity hygiene in an organization to help mitigate such attacks from proliferating is enabling a least privilege (zero trust) model by embedding security directly into the data center network. The core concept of zero trust is to only allow for necessary communication between systems using a stateful firewall, assuming all network traffic is untrusted. This dramatically reduces the attack surface area.

VMware NSX micro-segmentation provides this intrinsic level of security to effectively compartmentalize the data center to contain the lateral spread of ransomware attacks such as WannaCry.

In this blog, we will focus on how NSX can help:

  • Contain the spread of the malware such asWannaCry
  • Provide visibility into on-going attacks
  • Identify systems that are still infected
  • Mitigate future risk through a micro-segmentation approach

Stages of theWannaCry cyber attack

Before we provide our attack mitigation recommendations, let us review the WannaCry ransomware attack lifecycle.

  1. Weaponization:

WannaCryuses theEternalBlueexploit that was leaked from the NSA to exploit the MS17-010 vulnerability in Windows.WannaCrythen encrypts data on the system including office files, emails, databases, and source code, using RSA-2048 encryption that isimpossible to break.WannaCryends the &#rsquo;weaponization&#rdquo; stage by posting a message to the user demanding $300 in bitcoin as a ransom in order to decrypt the data.

  1. Installation / Exploitation / Encryption / Command and Control:

WannaCrycycles through every open RDP session since it is also a worm that contains the malware payload that drops itself onto systems and spreads itself. As soon as the ransomware is dropped, it tries to connect to a command and control URL to seize control and encrypt the system. The code has both direct as well a proxy access to the internet. Next step for the worm is to install a service called “mssecsvc2.0” with display name “MicrosoftSecurity Center (2.0) service”. The worm loads the crypto module when the service is installed and proceeds to encrypt the system.

  1. Propagation:

WannaCryenters through email phishing or other means of breaching the network perimeter and scans all of the systems on the network based and spreads laterally from vulnerable system-to-system. Scans are not just restricted to systems actively communicating but also IP addresses obtained via multicast traffic, unicast traffic, andDNStraffic. OnceWannaCryobtains a list of IPs to target, it probes port 445 with a randomly generated spoofed source IP address. If the connection on port 445 of a vulnerable system is successful,WannaCryproceeds to infect and encrypt the system. Additionally, it scans for the entire /24 subnet for the system (10 IP addresses at a time), probing for additional vulnerable systems.

Preventing the attack with VMware NSX

NSX can be used to implement micro-segmentation to compartmentalize the data center, containing the lateral spread of ransomware attacks such as WannaCry and achieving a zero trust network security model.

The following are recommendations in order of priority, to create a micro-segmented environment that can interrupt the WannaCry attack lifecycle.

  1. Detect traffic on port 445 in the NSX distributed firewall. This would provide visibility into aWannaCryattack in progress. Allow or Block logs can be sent from NSX to a log analyzer of your choice (for example, vRealizeLog Insight), for further analysis.
  1. Enable environmental redirection rules in NSX so that any traffic destined for critical systems is steered to an NSX-integrated IPS solutions to detectattempted exploits ofCVE-2017-0144. Even if the perimeter did not detect the malware, east-west traffic within the environment can be analyzed to detect the CVE.
  1. Create an NSX Security Group for all VMs running the Windows Operating System, to identify potentially vulnerable machines. This is really simple to do in NSX as you can group VMs based on attributes like operating system, regardless of their IP address.
  1. Enable Endpoint Monitoring (NSX 6.3+ feature) on VMs that are part of the Windows operating system to detect mssecsvc2.0. If detected, verify and check what VMs it has started communicatingwithon port 445.
  1. Create a distributed firewall rule to immediately block/monitor all traffic with a destination port of 445 on the /24 subnet ofany VMs that is found on that list.
  1. Use Endpoint Monitoring to detect if mssecssvc2.0 is running on systems that are not patched so that NSX can detect if a new attack starts.

Additional precautions include blockingRDP communication between systems andblocking all desktop-to-desktop communications in VDI environments. With NSX, this level of enforcement can be achieved with a single rule.

Architecting a secure datacenter using NSX Micro-segmentation

With NSX micro-segmentation, security architects can enable a least privilege, zero trust model in their environment. For environments utilizing NSX, the distributed firewall applies security controls to everyvNICof every VM. This controls communications between all VMs in the environment (even if they are on the same subnet), unlike the traditional firewall model in which flows within a subnet are typically not restricted, allowing malware to spread laterally with ease. With a zero trust architecture enabled by NSX, any non-approved flow will be discarded by default, regardless of what services have been enabled the VM, and ransomware likeWannaCrywill not be able to propagate - immediately blunting the amount of damage to data center operations and hence the organization.

The post Use a Zero Trust Approach to Protect Against WannaCry appeared first on Network Virtualization.

Read more..

Data centers : 5 prédictions pour 2017 autour des infrastructures hyperconvergées

Par Madgaleine Bourgoin, Directrice Technique, VMware France

En 2016, les infrastructures hyperconvergées (HCI) se sont démarquées en mettant en avant de nouvelles solutions révolutionnaires. Solutions essentielles pour les software-defined data center (SDDC), les HCI devraient occuper le devant de la scène en 2017, notamment tirées par la migration des données du stockage physique au cloud, qui affecte la gestion au quotidien des data centers. Quelles sont les autres prévisions pour cette année ?

1) La prise de pouvoir des informaticiens généralistes dans le monde du stockage

Avec l&#rsquo;émergence des HCI et des logiciels connexes, l&#rsquo;achat et la gestion du stockage ne sont plus réservés aux spécialistes, et sont désormais à la portée des informaticiens généralistes. Ces derniers peuvent ainsi gérer l&#rsquo;intégralité de leur infrastructure avec leurs outils existants. Les HCI limitent également les risques d&#rsquo;erreurs grâce aux prix plus avantageux des offres de base. En outre, elles permettent aux services informatiques d&#rsquo;adopter une approche de déploiement progressive, en ajoutant plus de capacité de stockage et de calcul en fonction des besoins de leurs organisations. Face à cette tendance, les professionnels du stockage d&#rsquo;entreprise se focaliseront sur les scénarios et les applications nécessitant des performances optimales. Compte tenu de l&#rsquo;allocation plus efficace des ressources et du personnel, les débats devraient moins tourner autour de la maintenance quotidienne des infrastructures, et davantage autour de la capacité des équipes informatiques à offrir une réelle valeur ajoutée.

2) L&#rsquo;Ethernet remplacera le Fibre Channel

Les analystes annoncent depuis longtemps la mort du stockage basé sur le protocole Fibre Channel. Ce déclin devrait encore s&#rsquo;accélérer en 2017 compte tenu de la rapidité croissante de l&#rsquo;Ethernet standard, qui enlève toute légitimité au besoin de connexions SAN propriétaires. Ce constat vaudra même pour les entreprises où le Fibre Channel est prédominant. L&#rsquo;acquisition du fournisseur de solutions Fibre Channel Brocade by Broadcom est d&#rsquo;ailleurs le dernier indice en date pointant vers la baisse de popularité des offres spécialisées sur le marché. Avec l&#rsquo;avènement du stockage hyperconvergé et «scale-out» (évolutif), les serveurs et périphériques dédiés résideront de plus en plus souvent sur le même réseau, tandis que le Fibre Channel apparaîtra progressivement comme une technologie appartenant au passé.

3) Les appliances de stockage spécialisées et coûteuses cèderont la place à des solutions basées sur des serveurs

Dans le passé, le provisionnement du stockage en entreprise impliquait souvent des investissements importants (à hauteur de dizaines, voire de centaines de milliers d&#rsquo;euros) sur une appliance propriétaire difficile à configurer et à entretenir. Les HCI sont en train de changer la donne. Les opérateurs de data centers réellement hyperscale (AWS, Baidu et autres Alibaba) montrent en effet la voie: chacun d&#rsquo;eux a créé sa gigantesque infrastructure de stockage en suivant un modèle scale-out basé sur des serveurs x86. Tout comme le Fibre Channel devrait laisser place à l&#rsquo;Ethernet, de plus en plus d&#rsquo;organisations (y compris de grandes entreprises) devraient être séduites par les avantages de ce modèle. 2017 sera également l&#rsquo;année où l&#rsquo;industrie du stockage traditionnel d&#rsquo;entreprise commencera réellement à sentir le vent tourner, à mesure que les organisations se rendront compte de l&#rsquo;agilité, de l&#rsquo;évolutivité et des réductions de coûts offertes par les HCI.

4) Les HCI banaliseront les solutions de stockage, permettant aux entreprises de tirer parti de leurs systèmes d&#rsquo;information pour faire face à la concurrence

Les fabricants de serveurs connaissent des difficultés depuis quelque temps. Leurs ventes se sont en effet effondrées en 2016. Cette tendance devrait cependant s&#rsquo;inverser en 2017. L&#rsquo;arrivée des fameuses puces Intel Skylake de nouvelle génération pour serveurs (prévues pour le milieu d&#rsquo;année) devrait initier un cycle de renouvellement des data centers comme on n&#rsquo;en a pas vu depuis longtemps. Beaucoup d&#rsquo;entreprises du monde entier y verront une opportunité de passer à des infrastructures hyperconvergées. Ainsi, même des entreprises sur des marchés émergents n&#rsquo;ayant jamais réellement investi dans des offres de stockage traditionnel d&#rsquo;entreprise commenceront à voir leurs infrastructures et applications d&#rsquo;un œil nouveau. Et grâce aux compétences informatiques de nos 500000 clients en matière de serveurs, d&#rsquo;Ethernet et d&#rsquo;applications, 2017 marquera le début d&#rsquo;une transformation radicale de la gestion des data centers au sein des organisations de toutes tailles.

5) Le stockage entièrement flash deviendra la référence

Les supports flash présentent aujourd&#rsquo;hui des avantages économiques tels, que les performances et la flexibilité du stockage à l&#rsquo;état solide (SSD) ne peuvent plus être ignorées, même par les entreprises disposant d&#rsquo;une marge de manœuvre réduite sur le plan financier. Compte tenu de l&#rsquo;évolutivité des HCI, l&#rsquo;adoption généralisée du flash réduit les coûts d&#rsquo;assistance des clients. Et avec l&#rsquo;effondrement des prix, les ventes dans ce secteur arriveront à un stade où même les clients disposant de budgets informatiques limités devront justifier leurs choix des disques durs au détriment de solutions entièrement flash (soit l&#rsquo;exact opposé de ce qui se passe aujourd&#rsquo;hui).

Article original sur le Journaldunet.com

Retrouvez également son dernier article sur les Datacenters : ce que 2017 nous réserve en matière d&#rsquo;infrastructures Cloud-native

Read more..

Guest blog post: Divining the Data Center: What’s to Come for Cloud-Native in 2017

The second installment in our 2017 Predictions by Kit Colbert, CTO of the Cloud Platform Business Unit at VMware, discusses five key cloud-native trends that are expected to boom in the coming year – tackling subjects such as container security solutions and the Pivotal Cloud Foundry (PCF) open source cloud-native application platform.