As One Chapter Closes…..

…. another opens!

After 5 amazing years at MTI Technology, I’ve decided that it’s time I moved on in order to progress my career….. this has been one of the hardest decisions I’ve had to make because I’m leaving behind a great bunch of folks and a team that’s helped me get to where I am today!

5 years ago I was one of the unfortunate ones who got caught up in the train-crash that was 2e2…. a huge reseller that was badly managed, borrowed too heavily for acquisitions and pretty much went bust over night when their banks refused to restructure their debt! Coming from a large reseller where I was under-valued and just one of a thousand employees to a much smaller reseller where everyone knew you by name was an eye-opener! All of a sudden I was valued for my input, trusted to get on with my job and given the opportunity to pro-actively pursue my own thirst for knowledge. I quickly picked up Dell EMC and Cisco knowledge, and was encouraged to continue expanding my VMware skills…..

In the 5 years at MTI, I started my blog, got recognised as a VMware vExpert (4th year now), became a Dell EMC VxRail Xpert, grown my network within VMware and Dell EMC, and helped to drive the VMware business within MTI… I even got to propose a marketing campaign (MTI Secure HCI) and pull together the content that led to MTI winning Best Marketing Campaign of the year at the recent CRN Sales & Marketing Awards!

So a lot has been achieved in a short period of time! As the VMworld tagline this year says…. “Possible Begins with You!”

So where am I off to….. well to those who know me it’s not going to be a big surprise…. I’m joining VMware!! =)

TBH, I’ve had opportunities to join VMware (and even Dell EMC) in the past but the roles haven’t really been enticing enough for me to leave MTI… I was happy with my role and also with the team around me! I even had opportunities to join other VARs, but I’ve always valued my work-life balance more than chasing a bigger paycheck so a sideways career move makes no sense to me!

About 5 months ago, I stumbled across a new role that was being advertised – Partner Solutions Architect – it was a role within a team focused on driving VMware’s partner engagement model. VMware have always valued the channel, and they’ve quickly realised that it’s the channel that’s going to drive any increase in their revenue!
My role is to help with the technical enablement of partners, as well as working alongside the Practise Development Managers to help the next set of partners along their VMware journey – most importantly to help them increase their VMware revenue!
It’s a very different role than what I’m used to…. a channel-focused role that’s moving me away from end-users and customers. Ironic thing is, MTI are one of those partners and I may even end up back looking after them! =P

Working for a Solutions Provider or VAR (Value-Added Reseller) like MTI has given me huge exposure to new technologies (recently that’s been Rubrik and Cohesity), and in a way I’m going to miss that wide-spectrum of exposure! However, having worked with VMware products for nearly 12+ years I finally decided it was time to join the V-mothership!

If anyone reading this blog is at an end-user or unsure of what to do with their careers, then if you want a challenge and quickly pick up skills from multiple vendors you need to join a VAR!

 

Finally before I end, I have to admit that I am very grateful to the management at MTI for allowing me to go to VMworld next week as part of the MTI team, even though I’m leaving. It just goes to show the respect and appreciation that the management have shown me over the years!

So those of you heading out to VMworld next week, I hope to see you there whilst still wearing the MTI badge…. and a week later I’ll be wearing the VMware badge! =)

 

I’m going to miss the team at MTI… they’re a great bunch of guys to work with and the future looks very interesting and rosy! I’m also going to miss the customers that I’ve worked with (yup – surprisingly).

The only regret I have is not being able to find a replacement during my notice period (can’t believe the marketplace is so short of decent pre-sales consultants!!). So as I sign off…. I’ll leave by advertising that there’s still a role at MTI for a VMware pre-sales consultant if anyone reading this blog is interested! =)

Advertisements

Dell EMC VxRail Software Update – Spectre Guest OS leakage mitigation

I posted earlier in the year that Dell EMC had released a Security Advisory to address Spectre (Meltdown doesn’t really affect VMware and hence VxRail).

One of the items that wasn’t addressed in the original fix was Guest OS leakage mitigation between processes within the VM – this required CPU/BIOS microcode updates which were not yet available from Intel.

Those updates were made available from Intel at the beginning of April and it’s taken a while for it to filter through to vSphere and VxRail – the delay is down to VxRail being a fully turn-key appliance which means all software/firmware updates from Dell EMC are fully tested and validated before release.

Updates 4.0.402 and 4.5.152 are now available to download from Dell EMC’s support portal.

Release notes can be found here:
https://support.emc.com/docu80740_VxRail-Appliance-Software-4.0.x-Release-Notes.pdf?language=en_US
https://support.emc.com/docu86659_VxRail-Appliance-Software-4.5.x-Release-Notes.pdf?language=en_US

The accompanying Dell EMC Security Advisory is available here: DSA-2018-074: Dell EMC VxRail Security Update for Multiprocessor Side-Channel Analysis Attacks (Meltdown and Spectre)

VxRail Appliance software 4.0.402 and 4.5.152 contains the Intel microcode fix to complete the resolution of the speculative execution security issues.
VxRail Appliance software 4.0.402 includes fixes for the following security vulnerabilities:

  1. CVE-2017-5753 (Variant 1: bounds check bypass, also known as Spectre) – Complete fix in 4.0.401 and above.
  2. CVE-2017-5715 (Variant 2: branch target injection, also known as Spectre):
    • Mitigates leakage from the hypervisor or guest VMs into a malicious guest VM – Complete fix in 4.0.401 and above.
    • Guest OS leakage mitigation between processes within the VM requires BIOS or CPU microcode update released by Intel and included in this release – Complete fix with either BIOS or CPU microcode update automatically applied through the VxRail 4.0.402 automated software upgrade. No manual BIOS update required for any supported VxRail hardware platforms.
  3. CVE-2017-5754 (Variant 3: rogue data cache load, also known as Meltdown): Does not affect VxRail Appliance.

NOTE: Manual steps are required after the VxRail Appliance software upgrade to 4.0.402 to power cycle the VMs for branch target injection to take effect. More info available within this KB article: https://support.emc.com/kb/519601

Also note that this update does not patch Guest OS!

For more information about Spectre/Meltdown, have a meander to my original posts:
Spectre & Meltdown Vulnerabilities
Spectre & Meltdown Update

MTI Secure Hyper-Converged Infrastructure Webinar

So last Thursday I was asked by the marketing peeps at my company, MTI Technology, to run a webinar with my colleague, Andrew Tang, around what Hyper-Converged Infrastructure is all about, why it’s suddenly become so popular within the industry, and how best to secure a HCI solution.

The webinar has now been uploaded for public consumption…. and since it kind of went ok – apart from me suffering from a runny nose throughout (sorry for all the sniffing) – I’ve decided to blog about the webinar for you all to watch.

I don’t really touch upon product in this webinar, as the last thing customers want is to be shoehorned into a certain vendor product… instead I hope the webinar gives enough information about what HCI is in general, why customers should be looking at HCI during their next infrastructure refresh, and more importantly what to consider when evaluating a HCI solution!

Feel free to pop along and access the webinar recording here: https://mti.com/secure-hci-webinar-page/ (sorry, you have to fill in your details to gain access….)

Finally, if you’re interested in talking more about HCI then feel free to contact me or register for one of MTI’s HCI Discovery Workshops: http://bit.ly/2C8vS14

Dell EMC updates VxRail software to address Spectre

So Dell EMC have finally released the patches for their VxRail appliances, I know many of my customers were asking about these patches – in a way it’s good it was slightly delayed given how many normal VMware customers experienced issues when patching and how one patch was pulled by VMware!

The good thing about VxRail is that any software patches or updates released have been tried and tested by the Dell EMC CPSD engineering team, so they should be ready for roll out with minimum disruption!

Updates 4.0.401 and 4.5.150 are now available to download from Dell EMC’s support portal.

Release notes can be found here:
https://support.emc.com/docu80740_VxRail-Appliance-Software-4.0.x-Release-Notes.pdf?language=en_US
https://support.emc.com/docu86659_VxRail-Appliance-Software-4.5.x-Release-Notes.pdf?language=en_US

It’s worth noting that at present this patch only contains 2 of the 3 required fixes for Intel to address the Speculative Execution vulnerability (Spectre – Meltdown doesn’t really affect VMware and hence VxRail). The 3rd fix has not yet been released by Intel and Dell EMC basically decided they couldn’t wait any longer as Intel drag their heels!

End of Availability of vSphere Data Protection

Wow…. ok….. so this was an interested announcement to receive. Whilst I kind of understand that VDP wasn’t really deployed by the masses, it was still nice to be able to have a free backup solution if you were deploying a small VMware environment.

The EoA of vSphere Data Protection pretty much means anyone wanting to backup their VMs will now need to pay for a 3rd party product! That kinda sucks!

VMware vSphere 6.5 is the last release which includes the VDP product!

You can read more about the announcement here: http://www.vmware.com/products/vsphere/data-protection.html

Also worth checking out the VMware KB article for more info: https://kb.vmware.com/kb/2149614

And if you have VDP deployed then don’t worry, any installations where you have an active Support and Subscription (SnS) will continue to be supported until the End of General Support (EOGS) date – the EOGS date can be found on the VMware Lifecycle Product Matrix.

It’s worth noting that this does not affect the vSphere Storage APIs – Data Protection (VADP) which most 3rd party vendors utilise.

It’s also worth noting that Dell EMC are helping those who have VDP deployed by offering them 3 years of free Avamar Virtual Edition (AVE) licensing to protect the first 4TB of protected data – although Maintenance costs will continue to apply during this 3-year period. Offer valid through October 15, 2017.

The offer can be found here: http://dellemc.com/vdpeoa

 

Finally, the FAQ released will assist with any questions you may have: http://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/vsphere/vmw-vdp-eoa-faqs.pdf

The Journey to the Secure Software-Defined Data Center

So one of the key differentiators that my company, MTI Technology, has over some of the other VMware partners in the UK is that we have quite an established Security Practice (We even hold the Royal Warrant for security work for the Royal Household!)

I’ve been asked to present a short deck on MTI’s Secure Software-Defined Data Center solution at an upcoming event (non-technical, it’s aimed at C-level or decision makers). If you haven’t already signed up, then register below!


Organisations across the public and private sectors have been steadily consolidating their IT infrastructures, as they seek improved efficiency and better performance. While this activity will undoubtedly continue, many organisations are now setting their sights on the next big thing – securing their software-defined datacentre.

In a secure software-defined datacentre, an organisation’s entire infrastructure is virtualised. This empowers the integration of compute, storage, network, and security solutions, and enables you to deliver IT as a service, and provision services securely via the cloud. In turn, this allows IT departments to keep pace with growing business and technology demands, and to achieve the speed and agility that IT users require.

The journey to the secure software-defined datacentre

Join MTI at the Institute of Directors, London, on Friday 15th April as we explore how you can advance the way you deliver IT today to meet the needs of your business tomorrow, while combatting ever-evolving security threats. During the half-day workshop, you will learn how a secure software-defined datacentre can:

  • Help you to ensure strong alignment between your IT and business objectives
  • Deliver ‘built-in’ security that evolves as your IT infrastructure grows and adapts
  • Offer the balance of performance, capacity, and availability demanded by your critical business applications
  • Deliver simple and cost-effective test & development environments with management and delivery services to reduce application overheads
  • Drive improved efficiencies and cost saving for your business
  • Turn large volumes of commodity servers into a high-performance, low cost infrastructure
  • Protect your data, infrastructure, and environment, detect and, if necessary, remediate against intrusions

To register, please visit https://www.mti.com/about-mti/events/journey-secure-software-defined-datacentre/

Where qualified partners stand with EVO:RAIL + What does the Future Hold for the product?

SearchVMware.com have just published a two-part article of mine where I’ve discussed the different QEP offerings in EMEA and what the future holds for EVO:RAIL….

I couldn’t believe how hard it was to get decent technical material regarding some of the partners EVO:RAIL appliance… Fujitsu and HDS were the hardest to get any info from – and by info I mean how it integrates with their other products, what value-add they bring to the table, etc.

Anyways, have a read here and let me know if you agree:

http://searchvmware.techtarget.com/tip/Where-qualified-partners-stand-with-EVORAIL

http://searchvmware.techtarget.com/tip/What-the-future-holds-for-VMware-EVORAIL

EMC/VMware Buy Out Rumours

Earlier this week a colleague of mine brought two articles to my attention…. The first was an article about “Why EMC may buy out VMware”, the second was a complete reversal – “Why VMware may buy out EMC”.

http://recode.net/2015/08/03/why-emc-may-soon-buy-out-not-spin-out-vmware/
http://recode.net/2015/08/05/emc-considers-a-buyout-by-its-own-subsidiary-vmware/

Interesting articles to read…..

 

EMC buying out the remaining stake of VMware and taking it in house has always been talked about! I don’t think a month goes by without someone within EMC suggesting this route of action.

In my opinion, EMC’s acquisitions have more often than not been really clever in leveraging emerging technologies (or plugging gaps in their portfolio) – Data Domain, Avamar, Isilon, XtremIO. Even the software acquisitions have been smart – Legato Networker, Documentum, VMware, TwinStrata, Virtustream. I was a bit surprised when EMC decided to offload 15% of VMware shares back in 2007 for an IPO, previous acquisitions had been completely absorbed by the corporation, but with VMware they decided to give them their own free rein and identity.

With the vast expansion into virtualisation and cloud technologies, EMC have probably realised that sooner or later software is going to be the way to go….. Software intelligence deployed on commodity tin! So it comes as no surprise that a so-called buy out is on the cards again.

The keen financiers amongst us will have noticed that VMware’s share price is significantly higher than EMCs ($86 compare to $26 as of market close yesterday), and that they account for almost 75% of EMCs valuation – which means any sort of VMware spin-out will severely weaken EMC as a corporation!

An EMC/VMware merger would obviously save them quite a bit in operating expenditure as there is probably quite a lot of overlap, it was reported cost savings if such a merger occurred could be up to $1bn. Not to mention it would allow EMC to reap the benefits of reporting on VMware’s earnings as their own!

 

However, whether EMC buys out VMware or vice-versa, I don’t hesitate to think that the end-user would be the most affected by such a merger.

Because VMware is its own entity, it offers virtualisation across heterogeneous hardware… any sort of merger would surely mean that there would be a shift towards favouring its own products – ie EMC storage, backup, etc. What would happen to VMware’s future R&D and partner relationships with the likes of NetApp, Cisco, HP, etc? Yes, a merger may bring closer ‘federation’ between EMC products and VMware, but it would have a detrimental effect to customers who don’t have EMC products. (Just look at how Oracle prefers its customers to run Oracle on Exadata – yes you can run it on other systems, but licensing is so complex!)

What about the products that overlap, Virtual SAN and ScaleIO being two products that immediately come to mind – they both compete in the Software Defined Storage market using local hard drives to create a storage pool. Then there’s RecoverPoint for VM against vSphere Replication and vCenter Site Recovery Manager, both are DR solutions. Another semi-competing product is EMC Storage Resource Manager and VMware vRealize Operations – both can do monitoring and reporting of virtual environments.

Whilst a merger sounds enticing to shareholders and both corporations, I feel that it’ll be end-users that lose out on the innovations that VMware brings without being shackled to one hardware vendor – I’m guessing some sort of legal guarantee has to be put in place to offer fair competition if such a merger was to occur.

EMC VSPEX Blue Launch

So last year after VMware announced EVO:RAIL at VMworld I held a quick tech session with my colleagues at MTI and we discussed what effects the Hyper Converged Infrastructure Appliances (HCIA) would bring to the market…. of particular we contemplated what EMC would bring to EVO:RAIL when it was announced that they would be a QEP (Qualified EVO:RAIL Partner). Just so you know, EMC were the only QEP that didn’t have a physical appliance on show at VMWorld last year!

We were all in agreement that there were 2 things missing from the EVO:RAIL product which we hoped that EMC would address by leveraging their vast product portfolio:

  1. Backup
  2. Replication/DR

….. and last Tuesday we were mightily impressed with how EMC had taken the EVO:RAIL product and added their own twist to the whole package! Including tackling the 2 points above (and then some!)…… Welcome to the world of EMC VSPEX Blue!

vspex blue

So some of the highlights of the new VSPEX Blue appliance:

  • Two versions: Standard provides 128GB RAM, Performance provides 192GB RAM.
  • VSPEX Blue Manager – a UI that EMC have written that builds on the simplistic and functional EVO:RAIL Manager and allows you to easily deploy, configure and manage the whole VSPEX Blue solution.
  • EMC Secure Remote Support (ESRS) – this is just like what they offer with their storage arrays, it’s built into the Blue Manager and provides end-to-end support, which could either be via a live chat, community forums, or knowledge based articles. With ESRS (and Premium support), EMC can periodically monitor the EMC VSPEX Blue appliance and will be notified of any failures (like a “Phone home” service) enabling support to take preventative measures to help avoid downtime.
  • VSPEX Blue Market store – The Market provides customers with access to trusted solutions and technologies that are developed by EMC and technology partners that are pre-validated for the VSPEX Blue appliance and then made available to download. These additional Market Apps are simple and easily integrated into the VSPEX Blue appliance. (Think of Apple’s App Store or Google Play). Although at launch there are only 3 offerings:
    1. RecoverPoint for VMs – offering business continuity/disaster recovery, with replication and continuous data protection at the VM level to a remote site. 15 full licenses are offered free per appliance (licensed per VM which means protection of 15 VMs, and up to 60 if you expand the VSPEX Blue to 4 appliances).
    2. VDP Advanced – providing centralised backup and recovery (based on EMC Avamar) including disk based de-duplicated backup (ie attaching a Data Domain as the backup target).
    3. Cloud Array Virtual Edition – this is a gateway to hybrid cloud storage (AWS S3, vCloud Air, etc)! The Cloud Array solution allows you to connect to external cloud storage and present it as an iSCSI target or NAS device (SMB/NFS) to the appliance. It’s a software based solution and you will get a free license per appliance to access 10TB of cloud storage with 1TB of local cache. (So unlike NetApp who are planning to hang a FAS array off their EVO:RAIL – breaking the whole ‘hyper-converged’ concept – this allows you to access more storage without breaking the appliance mould!)

EMC’s offering of EVO:RAIL is by far the best ‘packaged’ product available from QEPs…. they’ve really taken some time to address the question of “What would an EVO:RAIL customer want to do with this product apart from run VMs”….. I wouldn’t be surprised if they end up as the #1 EVO:RAIL partner!!

Anyways, if you wish to delve a bit more into the product then pop along to Chad Sakac’s blog as he has a very good article on it: http://virtualgeek.typepad.com/virtual_geek/2015/02/vspex-blue-hello-world.html