vShield to NSX migration

Replacing deprecated vShield by NSX for vSphere

VMware vShield is part of the vCloud Networking and Security (vCNS) suite. Its latest version 5.5 has reached EOGS (end of general support) in September 2016 and has been replaced by NSX for vSphere.

We still see quite a lot of vShield installations in productive environments. Mainly used for agentless guest introspection together with security solutions like Trendmicro DeepSecurity,  McAfee Move or others. Now that many customers consider migrating from vSphere 6.0 to vSphere 6.5, they have to face the fact that vShield is no longer supported from vSphere 6.5 onwards. And it is crucial to take product compatibility into account. There is a relationship between different vSphere, NSX and security product versions.

That’s why I show different migration paths in this blog article. Continue reading “vShield to NSX migration”

Remove VM objects from Veeam backup-chain

Leverage Powershell to selectively eliminate VMs from backup archives

GDPR / DSGVO casts its shadow onto IT. On Friday 25th of May European privacy regulations will become effective and violations can result in very harmful penalties for enterprises.

In that context an unusual task was addressed to me today by a customer: “Delete all backups of VM KillMe (yes, all)!”

There are several strategies to fulfill the task: Continue reading “Remove VM objects from Veeam backup-chain”

Increase efficiency with vRealize Log Insight

Syslog Server – a time saving tool

Today I’m writing about a use case, which is not very popular amongst IT professionals. Troubleshooting by parsing system logs. Sounds attractive as a dental surgery.

Almost any system and any component logs events, warnings and errors into some kind of internal log. Emphasis is on any and internal, because that’s part of the problem. Log information isn’t usually easy accessible. And once you’ve copied all logs to a common location, you need to scroll through it by a text editor. This is cumbersome and tricky. If you – for example – have to align events from a server with events from a switch, you’ll need multiple steps to achieve it. A very time-consuming procedure. If you have bad luck (Murphy says, you will..), one of the components is unavailable, because an error occurred. No log – no analysis. Continue reading “Increase efficiency with vRealize Log Insight”

Microsoft Patch KB4088875/KB4088878 has issues with VMXNET3 adapter

March rollup disconnects Windows Server 2008R2 VMs

Microsoft’s monthly March 2018 rollup KB4088875 contains a patch KB4088878 which seems to have issues with Windows Server 2008 R2 VMs and VMXNET3 adapter. Applying the patch disconnects Windows Server 2008R2 VMs.

Sounds familiar?

Yes, indeed! There used to be an old problem with Server 2008R2 VMs which had a VMXNET3 NIC. After restoring these VMs from backup, they’ve lost their static IP and instead switched to DHCP.  The problem is known by VMware and there’s a corresponding KB1020078.

Microsoft released in a hotfix 433809 (KB2550978) to prevent the issue. But you had to switch to DHCP first before installing the hotfix and then revert to your static IP. I’ve published the procedure in 2013. This blogpost is in German but the procedure is simple:

  • change NIC from static IP to DHCP
  • apply hotfix
  • reboot
  • revert to static IP

It seems that Microsoft now has included that old hotfix into a montly rollup. At least the similarity is striking.

Fun fact

Those who had already applied the Hotfix in the past to their 2008R2 VMs, seem to be immune to the problem.

Links