Data Center Capacity Planning

Chris Haynes[Senior Systems Consultant]

Capacity PlanningIs your data center infrastructure being used the way you intended it to? Are you in control of your organization’s IT data?  If your organization is like most, probably not as well as you would like to.

A good data center capacity planning strategy can help your business become more efficient, dynamic, and competitive, but few organizations dedicate resources to capacity management or give it any importance.  If it does exist, many times it is usually just to satisfy regulations or to check a box on a form.

The tendency of many IT departments is to play it safe by purchasing more server and storage capacity than needed, which means resources are being wasted at a time when IT departments are being asked to do even more with less.  On the flip side of the coin, some IT departments are not able to anticipate the growing IT demands of the business, and react to them in a timely manner, potentially resulting in lost business or costly reactionary purchases.

In order to proactively meet the demands of your organization’s needs, you need to develop data center capacity planning processes and procedures that will track and report on the following metrics:Capacity Planning 2

  • How much is being used?
  • Who is using it?
  • At what rate is it being used?
  • How much is left?
  • When will we run out of it?

Having the answers to these questions at any point in time allows your IT department to be proactive and take steps accordingly to stay ahead of the business’ needs.  Being able to project future needs allows your organization to budget and plan for data center growth and scalability in advance, which is almost always cheaper than unplanned emergency purchases.

Does your organization need help developing a data center capacity management strategy?  Please contact your Keller Schroeder Account Manager to see how we can help.


VMware AirWatch – Enterprise Mobility Management

KS Airwatch Logo

Chris Ross  – [Systems Engineer – Network Solutions Group]

Do you have a mobile workforce?  How are you controlling ghost IT and data leakage?  How are you providing corporate resources to help your mobile sales team?  Is that sales team able to leverage up to date data from the internal databases?  If you are struggling to answer any of these questions, AirWatch may be the solution for you.  By utilizing applications such as AirWatch Inbox, AirWatch Browser and AirWatch Container, complete control of data can be obtained while seamlessly providing internal corporate resources to a mobile workforce in a secure and safe manner.

Do you have an intranet website that your sales team is currently having to spend countless minutes laboring through VPN’s and multiple sign-ins just to access?  AirWatch Browser can present that intranet website in a seamless experience as if the user was browsing a normal internet page, no multiple sign-ins, no hassle of a ensuring correct VPN credentials.

Sending the latest monthly sales numbers from a behind the firewall SharePoint site?  AirWatch Container can link to that SharePoint site and give your mobile workforce a secure and controlled method of access.  All the while preventing data leakage on the mobile device by ensuring any controlled information stays inside AirWatch Container.KS Airwatch Container

As a leader in the Gartner Magic Quadrant, VMware AirWatch is setting the stage for how Enterprise Mobility Management (EMM) should look.  The mobile worker population continues to grow and is forecasted to reach over 1.3 billion in 2016 and with this growth requires new security and management concerns.  VMware AirWatch is positioned to be that solution by leading in both security functionality and features delivered to the mobile worker.  Below you can find a brief summary of the main AirWatch features.

Enterprise Mobility Management Platform

Container
VMware AirWatch Container provides complete separation of corporate and personal data on devices, securing corporate resources and maintaining employee privacy. AirWatch enables organizations to standardize enterprise security and data loss prevention strategies across mobile devices through our flexible approach to containerization.

Devices
VMware AirWatch Mobile Device Management enables you to gain visibility into the devices – including smartphones, tablets and laptops – connecting to your enterprise network, content and resources. Quickly enroll devices in your enterprise environment, update device settings over-the-air, and enforce security policies and compliance across your entire device fleet. Manage any mobile device type, including smartphones, tablets, laptops, desktops, rugged devices, printers and peripherals with support for multiple operating systems including Android, Apple IOS, BlackBerry, Chrome OS, Max OS and Windows across your organization.

Apps
VMware AirWatch Mobile Application Management enables you to manage internal, public and purchased apps across devices enrolled in your organization. Distribute, update, track and recommend apps with VMware AirWatch Catalog. Build custom business apps with the VMware AirWatch Software Development Kit or by following AirWatch-sponsored ACE documentation, or wrap existing internal apps for advanced security with VMware AirWatch App Wrapping.

Content
VMware AirWatch Mobile Content Management secures document distribution and promotes content collaboration anytime, anywhere with VMware AirWatch Content Locker. Access your corporate content in a secure container with advanced data loss prevention policies. Promote collaboration with editing, annotation and commenting capabilities for shared files.

Email
VMware AirWatch Mobile Email Management delivers comprehensive security for your corporate email infrastructure. With AirWatch, you can control which mobile devices access email, prevent data loss, encrypt sensitive data and enforce advanced compliance policies. Containerize email and provide a consistent user experience with VMware AirWatch Inbox, a secure email client.

Browsing
VMware AirWatch Browser is a secure browsing alternative to native browsers and provides organizations with the ability to configure customized settings to meet unique business and end-user needs. Define and enforce secure browsing policies for intranet sites without a device-level VPN. Enable secure browsing with whitelists and blacklists or kiosk mode.

Telecom
VMware AirWatch Telecom Management enables IT to easily monitor data, voice and roaming usage alongside devices from the admin console. With AirWatch, IT has insight into telecom usage to help save time, money and resources. Roaming restrictions, automated compliance enforcement and self-service options for end users simplify telecom management for IT.

These are only a few of the features that AirWatch can offer you.  If you would like to learn or ore to see a demo of AirWatch, please contact your Keller Schroeder Account Manager.

 


Windows Licensing Change – Processor to Core-Based

Dezarae Loewen -[Inside Product Manager & Microsoft Licensing Specialist]2015 Partner Logo

Microsoft is looking to release the newest version of Windows Server sometime in the second half of 2016. With this new significant product release, comes a change in not only the product but the licensing structure as well.  This article will take a look at a few of the new changes that Microsoft has made to Windows Server.

Windows Server 2016 will continue to come in both the Standard and Datacenter versions.  However, there now will be more differences between the two than just virtualization rights.  Datacenter will now include additional storage replication capabilities, a new network stack, and a new shielded virtual machines and host guardian service.

The major change with this new release is that the licensing moves to a per core model.  Windows Server 2016 will use a 2 core pack instead of the processor based model in Windows Server 2012. To license a physical server, all physical cores must be licensed with a minimum of 8 core licenses per physical processor.  The minimum cores per physical server is 16 cores.  Microsoft has stated that the price of the 16 core license of Windows Server 2016 will match the price of the 2 processor license of Windows Server 2012.  Those systems with up to 4 processors and up to 8 cores per processor should not see any change in cost from Windows 2012. However, pricing can get more expensive than the previous licensing model the higher the processor core count on each physical server.  This change to a per core license model does not do away with CAL requirements.  Windows CAL’s will still be required for each user and/or device accessing a licensed Windows Server.

2016 Server Licensing

With this expected release coming later this year, now is a great time to purchase Windows Server 2012 with software assurance.  By adding software assurance to your Windows purchase today, you will be guaranteed the right to a free license upgrade to Windows 2016 at its release. Once the software assurance term ends, the processor licenses will then be exchanged for a minimum of 8 two-core pack licenses or the actual number of physical cores in use.

For any additional questions, please contact your Keller Schroeder Account Manager for more information, including what Software Assurance and migration benefits your company is eligible for as well as how to purchase new licenses before these changes take effect.


Veeam Availability Suite v9 – Now Available!

Jessee Drew [Senior Consultant]

Veeam Availability Suite version 9 was officially released to the public on January 12th, 2016, after an early release in December to manufacturers and partners. Veeam Availability Suite combines the industry-leading backup, restore and replication capabilities of Veeam Backup & Replication with the advanced monitoring, reporting and capacity planning functionality of Veeam ONE. This article will focus on the new features available in Veeam Backup & Replication. Below is a list of some of the major new features in the latest software release.Veeam V9

  1. Scale-Out Backup Repository – Scale-Out Backup Repository is perhaps the most significant new feature of Veeam Backup & Replication v9 and will provide the greatest benefit to many businesses. This feature allows multiple disk repositories from any backup target supported by Veeam to be grouped into a single pool for maximum scale-out capabilities.  Backup targets can be Windows or Linux servers with local or direct attached storage, or even NAS or SAN storage volumes with compression and/or deduplication technologies.  Any of these various sources can now be combined into one big backup destination pool for Veeam backups.  This not only benefits scale-out for backups, but also allows new storage sources to be added and old storage sources to be removed on the fly over time, without disrupting backup operations. Also, the combination of multiple disk sources can dramatically improve backup performance.

  2. Per-VM Backup Chains – Per-VM backup chains will allow a single backup job, which in v8 was a single-threaded task, to become a multi-threaded task. For example, a backup job with 20 VMs can now create 20 threads on the underlying storage.  This will result in faster backup completion times by allowing each disk resource to reach its full performance level.  This feature in combination with the Scale-Out Repository feature will greatly improve backup performance.

  3. Stand-alone Console – The previous Veeam versions could only be managed by directly accessing the Veeam management server via RDP or console and opening the local client that was installed as part of the Veeam server installation. In the new Veeam Backup & Replication v9, there is now a separate stand-alone thick client that can be installed on any workstation or server, providing more convenient & secure access to Veeam management.

  4. Storage Snapshot Integration with EMC – Veeam Backup & Replication v9 has also added the ability to leverage storage based snapshots from EMC storage, just as it has done in previous versions with HP & NetApp storage. These storage snapshots can be accessed from “Veeam Explorer for Storage Snapshots”.  Just like Veeam’s other client specific Explorer utilities (Exchange, SQL, Oracle, etc.), the snapshot backups can be searched and item level data can be recovered directly from the Veeam Explorer GUI.

  5. Direct Backup from Network File System (NFS) – Veeam Backup & Replication v9 can now directly backup any NFS storage target attached to a vSphere ESXi host. This new version of Veeam will also support the NFS 4.1 protocol on vSphere 6. This is a great additional feature, as until now, only select vendor’s NFS storage targets were supported.

To learn more about these and other new features, please check out Veeam’s website at the following link: https://www.veeam.com or contact your Keller Schroeder Account Manager.


LogRhythm 7 – Next-Gen Security Threat Detection & Response

Brad Mathis[Senior Consultant, Information Security]LogRhythm Platform

 

LogRhythm, The Security Intelligence Company, recently unveiled LogRhythm 7, a major upgrade to their security intelligence and analytics platform.  With new and enhanced features and capabilities, LogRhythm continues to be a leader in the SIEM (Security Information & Event Management) space.

 

Chris Peterson, senior vice-president of products, CTO and co-founder at LogRhythm states, “The sophistication and resolve of today’s cyber adversaries continue to rise, as does the number of successful intrusions.” “The innovations in LogRhythm 7 empower IT security teams to detect, respond to and neutralize cyber intruders faster and more efficiently.”

 

LogRhythm DashboardWith LogRhythm’s HTML5 based dashboard, advanced security analytics and SmartResponse automation capabilities, and the ability to perform full-text unstructured search with the introduction of Elasticsearch, it is no surprise LogRhythm has been positioned as a Leader in Gartner’s SIEM Magic Quadrant report for four consecutive years.  LogRhythm scored highest in Gartner’s Critical Capabilities for Security Information and Event Management.

 

New features with LogRhythm 7 include:

  • Elasticsearch based indexing for expedited investigations
  • Architectural advancements for up to a 300 percent improvement in data indexing performance on a per-node basis
  • Real-time threat activity map
  • New Risk-Based scoring algorithms
  • Incident Response advancements
  • Extensions to the SmartResponse Automation framework, such as the ability to prevent malware outbreak with endpoint shutdown

For more information or to schedule a LogRhythm demonstration, contact your Keller Schroeder Account Manager.


Azure Rights Management Service from Microsoft

Microsoft Azure

Chance Webster – [Systems Engineer]

We have all seen stories on the news about company information being accidentally disclosed because of employee error or stolen during a breach of a company’s security infrastructure.  In many cases, company’s data is critical and confidential, and protecting this vital asset is a high priority.  The problem that organizations often face is protecting the company’s data within a budget that adequately aligns with the risk of data loss.

 

While there are many solutions available, Microsoft has developed a strong solution with the Azure Rights Management Service which natively integrates with many applications already in use within the business.  The Azure Rights Management Service is a cloud based Rights Management platform that provides a holistic approach to protecting your information within the Office 365 platform.  This service allows information owners to maintain access controls over the data that is being sent via email, stored on portable media, or even within the organization.  In addition, Azure Rights Management can be configured to provide notifications, either on-demand or by using a Rights Management template, that the data has been accessed by authorized users or that unauthorized access has been attempted.  Additionally, as part of the Azure Rights Management Premium service, this same protection can be extended to your on-premise Exchange, SharePoint, and File servers without a need for additional infrastructure that typically requires significant effort to implement and maintain.

 

Azure Rights Management Devices

An additional feature of the Azure Rights Management service is the Office 365 Message Encryption service.  This service provides an easy to use email encryption platform that requires very little setup and integrates with your existing email infrastructure.  Internal users can easily encrypt emails without a need for cumbersome setup time or need to exchange email certificates with a recipient in order to send an encrypted message.  Recipients of messages encrypted by the Office 365 Message Encryption service will find it easy to use and without a need for any additional setup.

 

The Azure Rights Management service is included in the Office 365 E3 and E4 plans or available for separate purchase for use with other Office 365 plans.  For on-premise infrastructure or for additional features such as tracking of RMS protected documents, Azure Rights Management Premium is available for separate purchase or as part of the Enterprise Mobility Suite or Enterprise Cloud Suite.

 

For more detailed information on Azure Rights Management Service and how it may help with protection of your organization’s data, contact your Keller Schroeder Account Manager.

 

 

 


Spotlight On…

Employee Owners: Chris FortuneChris Fortune

 

Chris Fortune is a 20 year veteran in IT. His experience began as a co-op student on a helpdesk and quickly escalated into increasingly challenging roles in network engineering, system engineering, and telecom. Security has always been the common thread of Chris’ work with these other disciplines.  He has also had direct responsibility for security such as managing firewalls, IDS/IPS, AV, VPN, remote access, log management and forensics.  Chris has worked for manufacturing, education, service provider, financial, healthcare and utility companies, as well as being an IT consultant for these types of businesses.

Chris has a Bachelor of Science in Computer Engineering from the University of Evansville and is working on a graduate certificate in Penetration Testing & Ethical Hacking from SANS Technology Institute.

Contact the Keller Schroeder Account Team to learn more about Chris and how you can leverage his experience and skills to benefit your organization.


VMworld 2015 – End User Compute (EUC)

VM World ExteriorMatt Barton – Senior Systems Engineer

What tech conference combines 23,000+ people, 785 sessions, 1,000,000+ sq ft, miles of walking, painfully slow wifi, all spread over 6 days in the heart of San Francisco?  Any guesses?  Of course it’s VMworld 2015.  I had the good fortune of being able to attend this year.  Focusing on VMware’s End User Compute (EUC) technologies and future roadmap, along with 20+ scheduled sessions, I was ready to tackle the onslaught of information.

VM World ANY

VMware’s catchphrase this year was “Ready for Any” and they did not let down attendees.  Two key takeaways from this conference were VMware Project A2 and the latest release of VMware Horizon 6.2.  The announcement of Project A2 occurred during Tuesday’s Keynote address, and included Microsoft VP for Windows Enterprise & Security Jim Alkove.  Project A2 combines Airwatch Enterprise Mobility Management (EMM) and VMware Horizon App Volumes to manage and deliver applications to Physical Windows 10 PCs.  Combining Airwatch EMM and Horizion App Volumes will speed application delivery to your endpoints by extending the ease of virtual application deployment & management to your physical devices.  There was also a demonstration highlighting the import of System Center application packages into App Volumes. VMware has recognized that most organizations cannot rip & replace their existing virtual desktop/application environment.  Instead they look to become the unified deployment and management portal of choice for Microsoft RDSH, Citrix, mobile, and traditional Horizon VDI deployments.

VMware also announced VMware Horizon 6.2.  This newest version of VMware’s VDI solution brings a number of incremental improvements to the table.  Some Remote Desktop Session/Remote Desktop Session Host (RDS/RDSH) enhancements of note include Skype for Business for RDS, RDSH Farm Load Balancing, and File Type Associations for Published Apps.  This last enhancement allows users to click on a document on their physical Windows device and, if the application is not installed locally, to be redirected seamlessly to the application on their Horizon View desktop or RDSH session.  VMware Identity Manager provides single sign on and a Self-Service App Store, allowing users to access on-premise web-based applications, SaaS applications or native mobile apps from any device.  Combining Identity Manager with Airwatch EMM and Enterprise BYO is a reality, allowing for dynamic app provisioning based on a wide range of policies.

Overwhelmed
After 6 days of all things VMware, I left feeling a bit overwhelmed. However, I look forward to implementing these new features as we strive to be “Ready for Any.”


Veeam Backup & Replication

Veeam Logo

Matt Barton – Senior Engineer

Is your business still backing up a VMware or Hyper-V environment using traditional physical backup software?  Has your business recently made the transition from physical infrastructure to a VMware or Hyper-V virtualized environment, and are now looking to take further advantage of server virtualization?  Or are your backups failing to meet RPO & RTO targets?  If any of these scenarios are true of your business, now is a great time to look into Veeam, and the Veeam Availability Suite.

 

Veeam-Availability-v8

 

The Veeam Availability Suite combines 2 great products: Veeam Backup & Replication and Veeam ONE.  Veeam Backup & Replication is the ideal replacement for your legacy backup; Veeam was built from the beginning for virtualized environments.  This allows for recovery of failed VMs in as little as 2 minutes, near-continuous data protection and replication, and 15 minute RTO & RPOs.  Veeam backups include in-line deduplication, compression, and changed-block tracking (CBT), greatly reducing capacity requirements.  The best part – no backup agents on your VMs!

Veeam ONE is a full-featured monitoring, reporting, and capacity planning tool for VMware or Hyper-V virtualized environments.  It provides 24×7 real-time monitoring and alarming of performance and backup issues.  The software comes configured with 200+ pre-set alarms, but is fully customizable based on your environment.  The advanced capacity planning allows for “what-if?” analysis and resource reservation configuration.

Interested in trying out Veeam, but not ready to fully commit?  Check out the completely FREE versions: Veeam Backup Free Edition and Veeam ONE Free Edition.  Both offer a subset of the functionality included in the fully licensed versions, including full VM backups, single item recovery, and 7 days of performance and capacity metrics from Veeam ONE Free Edition.


Leverage Your Existing Cisco Phone System with Informacast

Warren Swingle – Senior Systems Engineer

Do you have the need to send mass notifications to people in your organization?  Would you like to leverage your existing Cisco phone system to add a paging system and/or notification system?  Informacast software can integrate with your existing or new Cisco phone system to provide numerous paging and notification features.

PrintSince the release of Cisco Call Manager Version 9, Cisco has included a Singlewire software called Informacast with Call Manager Business Edition 6000.  It also can be downloaded free and installed with Call Manager 8.5 and higher.  The Informacast Basic Paging license lever is free with Cisco Call Manager.  Basic Paging allows customers to live page up to 50 IP phones through the speaker built into the phone.  Custom groups can be created to page different areas, departments or groups.  Informacast can run as a virtual appliance on your existing VM hosts supporting your current UC virtual machines.  Since Informacast runs as an appliance, no Windows licensing is needed.  Informacast Basic Paging is also supported by Cisco TAC if you have an active support contract for Call Manager.  Within the same application supporting Basic Paging, a license upgrade unlocks the Advanced Notification features.  Below are some of the most popular features.  These features can be easily customized to fit your business need in healthcare, education, manufacturing, financial or retail.

  • Live or pre-recorded audio paging to Cisco IP phones and overhead paging systems.
  • Notification and confirmation to mobile devices (Apple iOS, Andriod and SMS), IP phones and desktop workstations.
  • Common Alerting Protocol integration with the National Weather Service, NOAA and Homeland Security.
  • Notification to Jabber Clients and Twitter
  • 911 call monitoring, alerting and recording
  • Automated weather notifications
  • Message confirmation
  • Trigger notifications from other systems (door locks, panic buttons, lights, etc.)

 

Informacast HeaderInformacast Advanced Notification can provide customized notifications and confirmation of those notifications.  An example situation would be if there is an emergency that requires a site lockdown.  Informicast Advanced Notification can send a pre-recorded audio page to IP phones and overcisco-paging-cdn-informacasthead speakers.
Simultaneously, notifications are sent to computer desktops, Apple/Andriod mobile devices and SMS text messages.  If a user has received a message via a mobile device, SMS, IP phone or desktop they can acknowledge receipt of the notification.  Informacast management console has the ability to track the acknowledgement of those notifications. Informicast Advanced Notification can also receive Common Alerting Protocol (CAP) notifications from the National Weather Service, NOAA, and Homeland Security.  Based on the type, location and severity of the alert, Informatcast can trigger an alert via paging and/or notifications.

 

Another feature of Informacast is the emergency call notification.  Emergency call notification can notify personnel in your organization that a 911 call has been made from your facilty and record the emergency call.  The receiver of the notification will have the internal extension and name of the phone that dialed the emergency number.  Many times if you have a large building or campus, the 911 PSAP is only the number and physical address of the location.  Emergency call notification allows groups within your organization to be aware an emergency call has been made, where it originated, and a recording of the call.  This can be critical information that can be given to first responders when they arrive.

There are many other powerful paging and notification features available with Informicast software.  If you have any questions about Informacast Paging and Notification contact your Keller Schroeder Account Manager.