POPULARITY
Recently Broadcom announced that vSAN ESA support for SAP HANA was introduced. Erik Rieger is Broadcom's Principal SAP Global Technical Alliance Manager and Architect, and as such I invited him on the show to go over what this actually means, and why this is important for customers!For more details make sure to check:SAP note 3406060 – SAP HANA on VMware vSphere 8 and vSAN 8 for details.SAP HANA and VMware support pagesSAP HANA on HCI powered by vSANvSphere and SAP HANA best practicesDisclaimer: The thoughts and opinions shared in this podcast are our own/guest(s), and not necessarily those of Broadcom, VMware by Broadcom, or SAP.
HPE heeft met HPE VM Essentials Software een alternatief ontwikkeld voor VMware vSphere. Met de overname van Morpheus Data deze zomer heeft HPE reuzenstappen gezet om een goed en schaalbaar alternatief voor VMware vSphere neer te zetten. Techzine was aanwezig op HPE Discover Europe en in deze aflevering analyseren we deze stap van HPE.HPE heeft met de overname van Morpheus Data een softwarestack in huis gehaald waarmee het een schaalbare KVM-virtualisatiestack aanbiedt. Met de techniek van Morpheus Data kun je duizenden VM's virtualiseren. Dat product heeft HPE als basis gebruikt bij de ontwikkeling van HPE VM Essentials Software. Waar we zo'n zes maanden geleden nog dachten dat HPE zich voornamelijk zou richten op virtualisatie voor het MKB, legt het bedrijf de lat nu een stuk hoger.We bespreken in deze aflevering van Techzine Talks de features, de stack, de SLA, de pricing, het aanbod en de beschikbaarheid. Ook staan we stil bij de impact van deze ontwikkeling. Wat betekent dit voor VMware en Nutanix?
Recently Broadcom announced the latest updates to vSphere 8. This new release includes updates that will help enhance operational efficiency for IT admins, supercharge the performance of demanding workloads, and accelerate the pace of innovation for DevOps engineers, developers, and anyone else that can benefit from self-service access to infrastructure services, in a secure and compliant manner. On this episode of the Virtually Speaking Podcast we welcome Féidhlim O'Leary to walk us through the details of this latest release. Links Mentioned: VCF Landing Page What's New in vSphere 8 Update 3? Announcing VMware vSphere Foundation 5.2 VMware vCenter Server 8.0 Update 3 Release Notes Embracing Change with VMware vSphere Foundation VMware vSphere Foundation (VVF) Licensing Virtually Speaking YouTube Page Virtually Speaking Podcast vSAN on TechZone The Virtually Speaking Podcast The Virtually Speaking Podcast is a technical podcast dedicated to discussing VMware topics related to private and hybrid cloud. Each week Pete Flecha and John Nicholson bring in various subject matter experts from within the industry to discuss their respective areas of expertise. If you're new to the Virtually Speaking Podcast check out all episodes on vspeakingpodcast.com and follow on TwitterX @VirtSpeaking
Continuing our special 10-part series on the Virtually Speaking Podcast: "Exploring VMware Cloud Foundation" in Episode 4,titled “VCF Compute”, Himanshu Singh, Director of vSphere Product Marketing, navigates us through the spectrum of vSphere editions, highlighting their adaptability for diverse customer needs. He then showcases the enhanced value proposition of vSphere within VMware Cloud Foundation, harnessing the synergy with NSX and Aria Automation to elevate private cloud infrastructures. Drawing from the essence of VMware vSphere, Himanshu emphasizes its role as the enterprise workload engine, integrating cutting-edge cloud infrastructure technology with DPU and GPU-based acceleration to amplify workload performance. vSphere optimizes IT environments, bolstering availability, simplifying lifecycle management, and streamlining maintenance for heightened operational efficiency. Moreover, it establishes an intrinsically secure infrastructure engine, fortified out-of-the-box and complemented by straightforward hardening guidance for compliance adherence. Links Mentioned: VCF Landing Page Announcing General Availability of VMware Cloud Foundation 5.1.1 VCF Webinars VCF YouTube Page Virtually Speaking YouTube Page Virtually Speaking Podcast Watch the Entire Series Ep 01: Inside the Private Cloud Ep 02: What's Inside Ep 03: The Cloud Admin Journey Ep 04: VCF Compute Ep 05: VCF Storage Ep 06: VCF Networking Ep 07: A Cloud Management Experience Ep 08: VMware Private AI Ep 09: Data Services Manager Ep 10: VMware vDefend The Virtually Speaking Podcast The Virtually Speaking Podcast is a technical podcast dedicated to discussing VMware topics related to private and hybrid cloud. Each week Pete Flecha and John Nicholson bring in various subject matter experts from VMware and from within the industry to discuss their respective areas of expertise. If you're new to the Virtually Speaking Podcast check out all episodes on vspeakingpodcast.com and follow on TwitterX @VirtSpeaking
VMware vSphere Foundation is the enterprise workload engine with intelligent operations for optimizing IT infrastructure in organizations of all sizes. It boosts operational efficiency, supercharges workload performance, elevates security, and accelerates innovation for your business. This week VMware by Broadcom announced VMware vSphere Foundation 5.2. This week on the Virtually Speaking Podcast we welcome Himanshu Singh and Harshad Kolte to discuss the details of this latest release. Links Mentioned: VCF Landing Page Announcing VMware vSphere Foundation 5.2 VCF Webinars VCF YouTube Page Virtually Speaking YouTube Page Virtually Speaking Podcast The Virtually Speaking Podcast The Virtually Speaking Podcast is a technical podcast dedicated to discussing VMware topics related to private and hybrid cloud. Each week Pete Flecha and John Nicholson bring in various subject matter experts from VMware and from within the industry to discuss their respective areas of expertise. If you're new to the Virtually Speaking Podcast check out all episodes on vspeakingpodcast.com and follow on TwitterX @VirtSpeaking
In episode 073 Duncan and Pete discuss various updates and changes related to vSAN, including ReadyNode configurations, licensing, vSAN Max, capacity reporting, and compression ratios. They highlight the improvements in compression ratios with vSAN ESA, which can result in significant space efficiency gains. They also discuss the use cases for vSAN Max and vSAN HCI, as well as the flexibility in making changes to ReadyNode configurations. Overall, they emphasize the ongoing development and exciting future of vSAN and VMware Cloud Foundation.TakeawaysvSAN ESA offers improved compression ratios, with an average of 1.5x and some customers achieving 1.7x or better.vSAN Max is a centralized shared storage solution for vSphere clusters, providing storage services to multiple vSphere clusters.Customers can choose between vSAN Max and vSAN HCI based on their needs, such as independent scaling of storage and compute, separate lifecycle management, extending the life of existing vSphere clusters, or specific application requirements.Changes in ReadyNode configurations for vSAN Max have reduced the minimum number of hosts required and lowered the hardware requirements, making it more accessible for smaller enterprises.Capacity reporting in vSAN has been improved with the introduction of L0FS overhead, providing more accurate information on capacity usage.vSAN ESA's improved compression ratios, combined with RAID 5 or RAID 6 erasure coding, can result in significant space efficiency gains compared to the original storage architecture.Ongoing development and updates are expected in vSAN and VMware Cloud Foundation, with exciting new capabilities on the horizon.Linkshttps://core.vmware.com/blog/smaller-vsan-esa-readynodes-accommodate-vmware-vsphere-foundations-trial-capacity-capabilityhttps://docs.vmware.com/en/VMware-vSphere/8.0/rn/vsphere-esxi-80u2b-release-notes/index.htmlhttps://core.vmware.com/blog/improved-capacity-reporting-vmware-cloud-foundation-51-and-vsan-8-u2 https://core.vmware.com/blog/greater-flexibility-vsan-max-through-lower-hardware-and-cluster-requirements Follow us on X for updates and news about upcoming episodes: https://x.com/UnexploredPod.Last but not least, make sure to hit that subscribe button and share the episode with your friends and colleagues!Disclaimer: The thoughts and opinions shared in this podcast are our own/guest(s), and not necessarily those of Broadcom or VMware by Broadcom.
Welcome to episode 249 of the CloudPod Podcast – where the forecast is always cloudy! This week, Justin and Ryan put on their scuba suits and dive into the latest cloud news, from Google Gemini’s “woke” woes, to Azure VMware Solution innovations, and some humorous takes on Reddit and Google’s unexpected collaboration. Join the conversation on AI, storage solutions, and more this week in the Cloud! Titles we almost went with this week: Gemini Has Gone Woke? Uhhh…ok. A big thanks to this week's sponsor: We're sponsorless this week! Interested in sponsoring us and having access to a specialized and targeted market? We'd love to talk to you. Send us an email or hit us up on our Slack Channel. General News 01:48 DigitalOcean beats expectations under the helm of new CEO Paddy Srinivasan Quick earnings chat. Digital Ocean, under their new CEO Paddy Srinivasan reported earnings of 44 centers per share, well ahead of Wall Street’s target of 37 cents per share. Revenue growth was a little sluggish at 11% more than a year earlier, but the companies 181 million in reported sales still beat analysts expectations. Full year revenue was 693M for the year. We’re really glad to see the business is still going, and instead of going back on-premise, we think it’s a viable option for many workloads so don't sleep on them. 02:46 Ryan – “I like that, you know, while they are very focused on, you know, traditional compute workloads, you can still see them. Dip in their toes into managed services and, and, um, their interaction with the community and documentation of how to do things. I think it’s really impactful.” 03:34 VMware moves to quell concern over rapid series of recent license changes As we have reported multiple times on the VMWARE shellacking they are doing to the customers, Vmware has released a blog post trying to convince you that they’re **not** screwing you. Broadcom has realigned operations around VMWare Cloud Foundation private cloud portfolio and data center-focused VMWare Vsphere suite, and no longer sells discrete products such as vSphere hypervisor, vSAN virtual storage and NSX network storage virtualization software. They also are eliminating perpetual licensing in favor of subscription-only pricing, with VCF users getting vSAN, NSX and the Aria Management and orchestration components bundled whether you want them or not. Broadcom says this is about focusing on best-of-breed silos, and not disparate products without an integrated experience.
Take the next step in your hybrid-cloud journey with vSphere+, unifying lifecycle management for current and next generation workloads! Embrace next generation Kubernetes applications without having to refactor your datacenter with vSphere+! Unify multi-cloud management while supporting current and next generation applications with license-less vSphere+. Run VM & container workloads anywhere from a unified management plane with vSphere+! Bring the benefits of the cloud, next-gen containerization, and cut through the chaos with vSphere+!
On this episode of The Cloud Pod, the team discusses the new Amazon Linux 2023, Google Bard, new features of Google Chronicle Security Operations, GPT-4 from Azure Open AI, and Oracle's Kubernetes platform comparison. They also talk about cloud-native architecture as a way to adapt applications for a pivot to the cloud. A big thanks to this week's sponsor, Foghorn Consulting, which provides full-stack cloud solutions with a focus on strategy, planning and execution for enterprises seeking to take advantage of the transformative capabilities of AWS, Google Cloud and Azure. This week's highlights
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Phishing Page Branded with Your Corporate Website https://isc.sans.edu/diary/Phishing%20Page%20Branded%20with%20Your%20Corporate%20Website/29570 Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/ Apache Commons FileUpload Vulnerability https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy VMWare Windows Server 2022 Fix https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-esxi-70u3k-release-notes.html#resolvedissues
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Phishing Page Branded with Your Corporate Website https://isc.sans.edu/diary/Phishing%20Page%20Branded%20with%20Your%20Corporate%20Website/29570 Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/ Apache Commons FileUpload Vulnerability https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy VMWare Windows Server 2022 Fix https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-esxi-70u3k-release-notes.html#resolvedissues
About SamSam Nicholls: Veeam's Director of Public Cloud Product Marketing, with 10+ years of sales, alliance management and product marketing experience in IT. Sam has evolved from his on-premises storage days and is now laser-focused on spreading the word about cloud-native backup and recovery, packing in thousands of viewers on his webinars, blogs and webpages.Links Referenced: Veeam AWS Backup: https://www.veeam.com/aws-backup.html Veeam: https://veeam.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by our friends at Chronosphere. Tired of observability costs going up every year without getting additional value? Or being locked in to a vendor due to proprietary data collection, querying and visualization? Modern day, containerized environments require a new kind of observability technology that accounts for the massive increase in scale and attendant cost of data. With Chronosphere, choose where and how your data is routed and stored, query it easily, and get better context and control. 100% open source compatibility means that no matter what your setup is, they can help. Learn how Chronosphere provides complete and real-time insight into ECS, EKS, and your microservices, whereever they may be at snark.cloud/chronosphere That's snark.cloud/chronosphere Corey: This episode is brought to us by our friends at Pinecone. They believe that all anyone really wants is to be understood, and that includes your users. AI models combined with the Pinecone vector database let your applications understand and act on what your users want… without making them spell it out. Make your search application find results by meaning instead of just keywords, your personalization system make picks based on relevance instead of just tags, and your security applications match threats by resemblance instead of just regular expressions. Pinecone provides the cloud infrastructure that makes this easy, fast, and scalable. Thanks to my friends at Pinecone for sponsoring this episode. Visit Pinecone.io to understand more.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. This promoted guest episode is brought to us by and sponsored by our friends over at Veeam. And as a part of that, they have thrown one of their own to the proverbial lion. My guest today is Sam Nicholls, Director of Public Cloud over at Veeam. Sam, thank you for joining me.Sam: Hey. Thanks for having me, Corey, and thanks for everyone joining and listening in. I do know that I've been thrown into the lion's den, and I am [laugh] hopefully well-prepared to answer anything and everything that Corey throws my way. Fingers crossed. [laugh].Corey: I don't think there's too much room for criticizing here, to be direct. I mean, Veeam is a company that is solidly and thoroughly built around a problem that absolutely no one cares about. I mean, what could possibly be wrong with that? You do backups; which no one ever cares about. Restores, on the other hand, people care very much about restores. And that's when they learn, “Oh, I really should have cared about backups at any point prior to 20 minutes ago.”Sam: Yeah, it's a great point. It's kind of like taxes and insurance. It's almost like, you know, something that you have to do that you don't necessarily want to do, but when push comes to shove, and something's burning down, a file has been deleted, someone's made their way into your account and, you know, running a right mess within there, that's when you really, kind of, care about what you mentioned, which is the recovery piece, the speed of recovery, the reliability of recovery.Corey: It's been over a decade, and I'm still sore about losing my email archives from 2006 to 2009. There's no way to get it back. I ran my own mail server; it was an iPhone setting that said, “Oh, yeah, automatically delete everything in your trash folder—or archive folder—after 30 days.” It was just a weird default setting back in that era. I didn't realize it was doing that. Yeah, painful stuff.And we learned the hard way in some of these cases. Not that I really have much need for email from that era of my life, but every once in a while it still bugs me. Which gets speaks to the point that the people who are the most fanatical about backing things up are the people who have been burned by not having a backup. And I'm fortunate in that it wasn't someone else's data with which I had been entrusted that really cemented that lesson for me.Sam: Yeah, yeah. It's a good point. I could remember a few years ago, my wife migrated a very aging, polycarbonate white Mac to one of the shiny new aluminum ones and thought everything was good—Corey: As the white polycarbonate Mac becomes yellow, then yeah, all right, you know, it's time to replace it. Yeah. So yeah, so she wiped the drive, and what happened?Sam: That was her moment where she learned the value and importance of backup unless she backs everything up now. I fortunately have never gone through it. But I'm employed by a backup vendor and that's why I care about it. But it's incredibly important to have, of course.Corey: Oh, yes. My spouse has many wonderful qualities, but one that drives me slightly nuts is she's something of a digital packrat where her hard drives on her laptop will periodically fill up. And I used to take the approach of oh, you can be more efficient and do the rest. And I realized no, telling other people they're doing it wrong is generally poor practice, whereas just buying bigger drives is way easier. Let's go ahead and do that. It's small price to pay for domestic tranquility.And there's a lesson in that. We can map that almost perfectly to the corporate world where you folks tend to operate in. You're not doing home backup, last time I checked; you are doing public cloud backup. Actually, I should ask that. Where do you folks start and where do you stop?Sam: Yeah, no, it's a great question. You know, we started over 15 years ago when virtualization, specifically VMware vSphere, was really the up-and-coming thing, and, you know, a lot of folks were there trying to utilize agents to protect their vSphere instances, just like they were doing with physical Windows and Linux boxes. And, you know, it kind of got the job done, but was it the best way of doing it? No. And that's kind of why Veeam was pioneered; it was this agentless backup, image-based backup for vSphere.And, of course, you know, in the last 15 years, we've seen lots of transitions, of course, we're here at Screaming in the Cloud, with you, Corey, so AWS, as well as a number of other public cloud vendors we can help protect as well, as a number of SaaS applications like Microsoft 365, metadata and data within Salesforce. So, Veeam's really kind of come a long way from just virtual machines to really taking a global look at the entirety of modern environments, and how can we best protect each and every single one of those without trying to take a square peg and fit it in a round hole?Corey: It's a good question and a common one. We wind up with an awful lot of folks who are confused by the proliferation of data. And I'm one of them, let's be very clear here. It comes down to a problem where backups are a multifaceted, deep problem, and I don't think that people necessarily think of it that way. But I take a look at all of the different, even AWS services that I use for my various nonsense, and which ones can be used to store data?Well, all of them. Some of them, you have to hold it in a particularly wrong sort of way, but they all store data. And in various contexts, a lot of that data becomes very important. So, what service am I using, in which account am I using, and in what region am I using it, and you wind up with data sprawl, where it's a tremendous amount of data that you can generally only track down by looking at your bills at the end of the month. Okay, so what am I being charged, and for what service?That seems like a good place to start, but where is it getting backed up? How do you think about that? So, some people, I think, tend to ignore the problem, which we're seeing less and less, but other folks tend to go to the opposite extreme and we're just going to backup absolutely everything, and we're going to keep that data for the rest of our natural lives. It feels to me that there's probably an answer that is more appropriate somewhere nestled between those two extremes.Sam: Yeah, snapshot sprawl is a real thing, and it gets very, very expensive very, very quickly. You know, your snapshots of EC2 instances are stored on those attached EBS volumes. Five cents per gig per month doesn't sound like a lot, but when you're dealing with thousands of snapshots for thousands machines, it gets out of hand very, very quickly. And you don't know when to delete them. Like you say, folks are just retaining them forever and dealing with this unfortunate bill shock.So, you know, where to start is automating the lifecycle of a snapshot, right, from its creation—how often do we want to be creating them—from the retention—how long do we want to keep these for—and where do we want to keep them because there are other storage services outside of just EBS volumes. And then, of course, the ultimate: deletion. And that's important even from a compliance perspective as well, right? You've got to retain data for a specific number of years, I think healthcare is like seven years, but then you've—Corey: And then not a day more.Sam: Yeah, and then not a day more because that puts you out of compliance, too. So, policy-based automation is your friend and we see a number of folks building these policies out: gold, silver, bronze tiers based on criticality of data compliance and really just kind of letting the machine do the rest. And you can focus on not babysitting backup.Corey: What was it that led to the rise of snapshots? Because back in my very early days, there was no such thing. We wound up using a bunch of servers stuffed in a rack somewhere and virtualization was not really in play, so we had file systems on physical disks. And how do you back that up? Well, you have an agent of some sort that basically looks at all the files and according to some ruleset that it has, it copies them off somewhere else.It was slow, it was fraught, it had a whole bunch of logic that was pushed out to the very edge, and forget about restoring that data in a timely fashion or even validating a lot of those backups worked other than via checksum. And God help you if you had data that was constantly in the state of flux, where anything changing during the backup run would leave your backups in an inconsistent state. That on some level seems to have largely been solved by snapshots. But what's your take on it? You're a lot closer to this part of the world than I am.Sam: Yeah, snapshots, I think folks have turned to snapshots for the speed, the lack of impact that they have on production performance, and again, just the ease of accessibility. We have access to all different kinds of snapshots for EC2, RDS, EFS throughout the entirety of our AWS environment. So, I think the snapshots are kind of like the default go-to for folks. They can help deliver those very, very quick RPOs, especially in, for example, databases, like you were saying, that change very, very quickly and we all of a sudden are stranded with a crash-consistent backup or snapshot versus an application-consistent snapshot. And then they're also very, very quick to recover from.So, snapshots are very, very appealing, but they absolutely do have their limitations. And I think, you know, it's not a one or the other; it's that they've got to go hand-in-hand with something else. And typically, that is an image-based backup that is stored in a separate location to the snapshot because that snapshot is not independent of the disk that it is protecting.Corey: One of the challenges with snapshots is most of them are created in a copy-on-write sense. It takes basically an instant frozen point in time back—once upon a time when we ran MySQL databases on top of the NetApp Filer—which works surprisingly well—we would have a script that would automatically quiesce the database so that it would be in a consistent state, snapshot the file and then un-quiesce it, which took less than a second, start to finish. And that was awesome, but then you had this snapshot type of thing. It wasn't super portable, it needed to reference a previous snapshot in some cases, and AWS takes the same approach where the first snapshot it captures every block, then subsequent snapshots wind up only taking up as much size as there have been changes since the first snapshots. So, large quantities of data that generally don't get access to a whole lot have remarkably small, subsequent snapshot sizes.But that's not at all obvious from the outside, and looking at these things. They're not the most portable thing in the world. But it's definitely the direction that the industry has trended in. So, rather than having a cron job fire off an AWS API call to take snapshots of my volumes as a sort of the baseline approach that we all started with, what is the value proposition that you folks bring? And please don't say it's, “Well, cron jobs are hard and we have a friendlier interface for that.”Sam: [laugh]. I think it's really starting to look at the proliferation of those snapshots, understanding what they're good at, and what they are good for within your environment—as previously mentioned, low RPOs, low RTOs, how quickly can I take a backup, how frequently can I take a backup, and more importantly, how quickly can I restore—but then looking at their limitations. So, I mentioned that they were not independent of that disk, so that certainly does introduce a single point of failure as well as being not so secure. We've kind of touched on the cost component of that as well. So, what Veeam can come in and do is then take an image-based backup of those snapshots, right—so you've got your initial snapshot and then your incremental ones—we'll take the backup from that snapshot, and then we'll start to store that elsewhere.And that is likely going to be in a different account. We can look at the Well-Architected Framework, AWS deeming accounts as a security boundary, so having that cross-account function is critically important so you don't have that single point of failure. Locking down with IAM roles is also incredibly important so we haven't just got a big wide open door between the two. But that data is then stored in a separate account—potentially in a separate region, maybe in the same region—Amazon S3 storage. And S3 has the wonderful benefit of being still relatively performant, so we can have quick recoveries, but it is much, much cheaper. You're dealing with 2.3 cents per gig per month, instead of—Corey: To start, and it goes down from there with sizeable volumes.Sam: Absolutely, yeah. You can go down to S3 Glacier, where you're looking at, I forget how many points and zeros and nines it is, but it's fractions of a cent per gig per month, but it's going to take you a couple of days to recover that da—Corey: Even infrequent access cuts that in half.Sam: Oh yeah.Corey: And let's be clear, these are snapshot backups; you probably should not be accessing them on a consistent, sustained basis.Sam: Well, exactly. And this is where it's kind of almost like having your cake and eating it as well. Compliance or regulatory mandates or corporate mandates are saying you must keep this data for this length of time. Keeping that—you know, let's just say it's three years' worth of snapshots in an EBS volume is going to be incredibly expensive. What's the likelihood of you needing to recover something from two years—actually, even two months ago? It's very, very small.So, the performance part of S3 is, you don't need to take it as much into consideration. Can you recover? Yes. Is it going to take a little bit longer? Absolutely. But it's going to help you meet those retention requirements while keeping your backup bill low, avoiding that bill shock, right, spending tens and tens of thousands every single month on snapshots. This is what I mean by kind of having your cake and eating it.Corey: I somewhat recently have had a client where EBS snapshots are one of the driving costs behind their bill. It is one of their largest single line items. And I want to be very clear here because if one of those people who listen to this and thinking, “Well, hang on. Wait, they're telling stories about us, even though they're not naming us by name?” Yeah, there were three of you in the last quarter.So, at that point, it becomes clear it is not about something that one individual company has done and more about an overall driving trend. I am personalizing it a little bit by referring to as one company when there were three of you. This is a narrative device, not me breaking confidentiality. Disclaimer over. Now, when you talk to people about, “So, tell me why you've got 80 times more snapshots than you do EBS volumes?” The answer is as, “Well, we wanted to back things up and we needed to get hourly backups to a point, then daily backups, then monthly, and so on and so forth. And when this was set up, there wasn't a great way to do this natively and we don't always necessarily know what we need versus what we don't. And the cost of us backing this up, well, you can see it on the bill. The cost of us deleting too much and needing it as soon as we do? Well, that cost is almost incalculable. So, this is the safe way to go.” And they're not wrong in anything that they're saying. But the world has definitely evolved since then.Sam: Yeah, yeah. It's a really great point. Again, it just folds back into my whole having your cake and eating it conversation. Yes, you need to retain data; it gives you that kind of nice, warm, cozy feeling, it's a nice blanket on a winter's day that that data, irrespective of what happens, you're going to have something to recover from. But the question is does that need to be living on an EBS volume as a snapshot? Why can't it be living on much, much more cost-effective storage that's going to give you the warm and fuzzies, but is going to make your finance team much, much happier [laugh].Corey: One of the inherent challenges I think people have is that snapshots by themselves are almost worthless, in that I have an EBS snapshot, it is sitting there now, it's costing me an undetermined amount of money because it's not exactly clear on a per snapshot basis exactly how large it is, and okay, great. Well, I'm looking for a file that was not modified since X date, as it was on this time. Well, great, you're going to have to take that snapshot, restore it to a volume and then go exploring by hand. Oh, it was the wrong one. Great. Try it again, with a different one.And after, like, the fifth or six in a row, you start doing a binary search approach on this thing. But it's expensive, it's time-consuming, it takes forever, and it's not a fun user experience at all. Part of the problem is it seems that historically, backup systems have no context or no contextual awareness whatsoever around what is actually contained within that backup.Sam: Yeah, yeah. I mean, you kind of highlighted two of the steps. It's more like a ten-step process to do, you know, granular file or folder-level recovery from a snapshot, right? You've got to, like you say, you've got to determine the point in time when that, you know, you knew the last time that it was around, then you're going to have to determine the volume size, the region, the OS, you're going to have to create an EBS volume of the same size, region, from that snapshot, create the EC2 instance with the same OS, connect the two together, boot the EC2 instance, mount the volume search for the files to restore, download them manually, at which point you have your file back. It's not back in the machine where it was, it's now been downloaded locally to whatever machine you're accessing that from. And then you got to tear it all down.And that is again, like you say, predicated on the fact that you knew exactly that that was the right time. It might not be and then you have to start from scratch from a different point in time. So, backup tooling from backup vendors that have been doing this for many, many years, knew about this problem long, long ago, and really seek to not only automate the entirety of that process but make the whole e-discovery, the search, the location of those files, much, much easier. I don't necessarily want to do a vendor pitch, but I will say with Veeam, we have explorer-like functionality, whereby it's just a simple web browser. Once that machine is all spun up again, automatic process, you can just search for your individual file, folder, locate it, you can download it locally, you can inject it back into the instance where it was through Amazon Kinesis or AWS Kinesis—I forget the right terminology for it; some of its AWS, some of its Amazon.But by-the-by, the whole recovery process, especially from a file or folder level, is much more pain-free, but also much faster. And that's ultimately what people care about how reliable is my backup? How quickly can I get stuff online? Because the time that I'm down is costing me an indescribable amount of time or money.Corey: This episode is sponsored in part by our friends at Redis, the company behind the incredibly popular open source database. If you're tired of managing open source Redis on your own, or if you are looking to go beyond just caching and unlocking your data's full potential, these folks have you covered. Redis Enterprise is the go-to managed Redis service that allows you to reimagine how your geo-distributed applications process, deliver, and store data. To learn more from the experts in Redis how to be real-time, right now, from anywhere, visit redis.com/duckbill. That's R - E - D - I - S dot com slash duckbill.Corey: Right, the idea of RPO versus RTO: recovery point objective and recovery time objective. With an RPO, it's great, disaster strikes right now, how long is acceptable to it have been since the last time we backed up data to a restorable point? Sometimes it's measured in minutes, sometimes it's measured in fractions of a second. It really depends on what we're talking about. Payments databases, that needs to be—the RPO is basically an asymptotically approaches zero.The RTO is okay, how long is acceptable before we have that data restored and are back up and running? And that is almost always a longer time, but not always. And there's a different series of trade-offs that go into that. But both of those also presuppose that you've already dealt with the existential question of is it possible for us to recover this data. And that's where I know that you are obviously—you have a position on this that is informed by where you work, but I don't, and I will call this out as what I see in the industry: AWS backup is compelling to me except for one fatal flaw that it has, and that is it starts and stops with AWS.I am not a proponent of multi-cloud. Lord knows I've gotten flack for that position a bunch of times, but the one area where it makes absolute sense to me is backups. Have your data in a rehydrate-the-business level state backed up somewhere that is not your primary cloud provider because you're otherwise single point of failure-ing through a company, through the payment instrument you have on file with that company, in the blast radius of someone who can successfully impersonate you to that vendor. There has to be a gap of some sort for the truly business-critical data. Yes, egress to other providers is expensive, but you know what also is expensive? Irrevocably losing the data that powers your business. Is it likely? No, but I would much rather do it than have to justify why I'm not doing it.Sam: Yeah. Wasn't likely that I was going to win that 2 billion or 2.1 billion on the Powerball, but [laugh] I still play [laugh]. But I understand your standpoint on multi-cloud and I read your newsletters and understand where you're coming from, but I think the reality is that we do live in at least a hybrid cloud world, if not multi-cloud. The number of organizations that are sole-sourced on a single cloud and nothing else is relatively small, single-digit percentage. It's around 80-some percent that are hybrid, and the remainder of them are your favorite: multi-cloud.But again, having something that is one hundred percent sole-source on a single platform or a single vendor does expose you to a certain degree of risk. So, having the ability to do cross-platform backups, recoveries, migrations, for whatever reason, right, because it might not just be a disaster like you'd mentioned, it might also just be… I don't know, the company has been taken over and all of a sudden, the preference is now towards another cloud provider and I want you to refactor and re-architect everything for this other cloud provider. If all that data is locked into one platform, that's going to make your job very, very difficult. So, we mentioned at the beginning of the call, Veeam is capable of protecting a vast number of heterogeneous workloads on different platforms, in different environments, on-premises, in multiple different clouds, but the other key piece is that we always use the same backup file format. And why that's key is because it enables portability.If I have backups of EC2 instances that are stored in S3, I could copy those onto on-premises disk, I could copy those into Azure, I could do the same with my Azure VMs and store those on S3, or again, on-premises disk, and any other endless combination that goes with that. And it's really kind of centered around, like control and ownership of your data. We are not prescriptive by any means. Like, you do what is best for your organization. We just want to provide you with the toolset that enables you to do that without steering you one direction or the other with fee structures, disparate feature sets, whatever it might be.Corey: One of the big challenges that I keep seeing across the board is just a lack of awareness of what the data that matters is, where you see people backing up endless fleets of web server instances that are auto-scaled into existence and then removed, but you can create those things at will; why do you care about the actual data that's on these things? It winds up almost at the library management problem, on some level. And in that scenario, snapshots are almost certainly the wrong answer. One thing that I saw previously that really changed my way of thinking about this was back many years ago when I was working at a startup that had just started using GitHub and they were paying for a third-party service that wound up backing up Git repos. Today, that makes a lot more sense because you have a bunch of other stuff on GitHub that goes well beyond the stuff contained within Git, but at the time, it was silly. It was, why do that? Every Git clone is a full copy of the entire repository history. Just grab it off some developer's laptop somewhere.It's like, “Really? You want to bet the company, slash your job, slash everyone else's job on that being feasible and doable or do you want to spend the 39 bucks a month or whatever it was to wind up getting that out the door now so we don't have to think about it, and they validate that it works?” And that was really a shift in my way of thinking because, yeah, backing up things can get expensive when you have multiple copies of the data living in different places, but what's really expensive is not having a company anymore.Sam: Yeah, yeah, absolutely. We can tie it back to my insurance dynamic earlier where, you know, it's something that you know that you have to have, but you don't necessarily want to pay for it. Well, you know, just like with insurances, there's multiple different ways to go about recovering your data and it's only in crunch time, do you really care about what it is that you've been paying for, right, when it comes to backup?Could you get your backup through a git clone? Absolutely. Could you get your data back—how long is that going to take you? How painful is that going to be? What's going to be the impact to the business where you're trying to figure that out versus, like you say, the 39 bucks a month, a year, or whatever it might be to have something purpose-built for that, that is going to make the recovery process as quick and painless as possible and just get things back up online.Corey: I am not a big fan of the fear, uncertainty, and doubt approach, but I do practice what I preach here in that yeah, there is a real fear against data loss. It's not, “People are coming to get you, so you absolutely have to buy whatever it is I'm selling,” but it is something you absolutely have to think about. My core consulting proposition is that I optimize the AWS bill. And sometimes that means spending more. Okay, that one S3 bucket is extremely important to you and you say you can't sustain the loss of it ever so one zone is not an option. Where is it being backed up? Oh, it's not? Yeah, I suggest you spend more money and back that thing up if it's as irreplaceable as you say. It's about doing the right thing.Sam: Yeah, yeah, it's interesting, and it's going to be hard for you to prove the value of doing that when you are driving their bill up when you're trying to bring it down. But again, you have to look at something that's not itemized on that bill, which is going to be the impact of downtime. I'm not going to pretend to try and recall the exact figures because it also varies depending on your business, your industry, the size, but the impact of downtime is massive financially. Tens of thousands of dollars for small organizations per hour, millions and millions of dollars per hour for much larger organizations. The backup component of that is relatively small in comparison, so having something that is purpose-built, and is going to protect your data and help mitigate that impact of downtime.Because that's ultimately what you're trying to protect against. It is the recovery piece that you're buying is the most important piece. And like you, I would say, at least be cognizant of it and evaluate your options and what can you live with and what can you live without.Corey: That's the big burning question that I think a lot of people do not have a good answer to. And when you don't have an answer, you either backup everything or nothing. And I'm not a big fan of doing either of those things blindly.Sam: Yeah, absolutely. And I think this is why we see varying different backup options as well, you know? You're not going to try and apply the same data protection policies each and every single workload within your environment because they've all got different types of workload criticality. And like you say, some of them might not even need to be backed up at all, just because they don't have data that needs to be protected. So, you need something that is going to be able to be flexible enough to apply across the entirety of your environment, protect it with the right policy, in terms of how frequently do you protect it, where do you store it, how often, or when are you eventually going to delete that and apply that on a workload by workload basis. And this is where the joy of things like tags come into play as well.Corey: One last thing I want to bring up is that I'm a big fan of watching for companies saying the quiet part out loud. And one area in which they do this—because they're forced to by brevity—is in the title tag of their website. I pull up veeam.com and I hover over the tab in my browser, and it says, “Veeam Software: Modern Data Protection.”And I want to call that out because you're not framing it as explicitly backup. So, the last topic I want to get into is the idea of security. Because I think it is not fully appreciated on a lived-experience basis—although people will of course agree to this when they're having ivory tower whiteboard discussions—that every place your data lives is a potential for a security breach to happen. So, you want to have your data living in a bunch of places ideally, for backup and resiliency purposes. But you also want it to be completely unworkable or illegible to anyone who is not authorized to have access to it.How do you balance those trade-offs yourself given that what you're fundamentally saying is, “Trust us with your Holy of Holies when it comes to things that power your entire business?” I mean, I can barely get some companies to agree to show me their AWS bill, let alone this is the data that contains all of this stuff to destroy our company.Sam: Yeah. Yeah, it's a great question. Before I explicitly answer that piece, I will just go to say that modern data protection does absolutely have a security component to it, and I think that backup absolutely needs to be a—I'm going to say this an air quotes—a “first class citizen” of any security strategy. I think when people think about security, their mind goes to the preventative, like how do we keep these bad people out?This is going to be a bit of the FUD that you love, but ultimately, the bad guys on the outside have an infinite number of attempts to get into your environment and only have to be right once to get in and start wreaking havoc. You on the other hand, as the good guy with your cape and whatnot, you have got to be right each and every single one of those times. And we as humans are fallible, right? None of us are perfect, and it's incredibly difficult to defend against these ever-evolving, more complex attacks. So backup, if someone does get in, having a clean, verifiable, recoverable backup, is really going to be the only thing that is going to save your organization, should that actually happen.And what's key to a secure backup? I would say separation, isolation of backup data from the production data, I would say utilizing things like immutability, so in AWS, we've got Amazon S3 object lock, so it's that write once, read many state for whatever retention period that you put on it. So, the data that they're seeking to encrypt, whether it's in production or in their backup, they cannot encrypt it. And then the other piece that I think is becoming more and more into play, and it's almost table stakes is encryption, right? And we can utilize things like AWS KMS for that encryption.But that's there to help defend against the exfiltration attempts. Because these bad guys are realizing, “Hey, people aren't paying me my ransom because they're just recovering from a clean backup, so now I'm going to take that backup data, I'm going to leak the personally identifiable information, trade secrets, or whatever on the internet, and that's going to put them in breach compliance and give them a hefty fine that way unless they pay me my ransom.” So encryption, so they can't read that data. So, not only can they not change it, but they can't read it is equally important. So, I would say those are the three big things for me on what's needed for backup to make sure it is clean and recoverable.Corey: I think that is one of those areas where people need to put additional levels of thought in. I think that if you have access to the production environment and have full administrative rights throughout it, you should definitionally not—at least with that account and ideally not you at all personally—have access to alter the backups. Full stop. I would say, on some level, there should not be the ability to alter backups for some particular workloads, the idea being that if you get hit with a ransomware infection, it's pretty bad, let's be clear, but if you can get all of your data back, it's more of an annoyance than it is, again, the existential business crisis that becomes something that redefines you as a company if you still are a company.Sam: Yeah. Yeah, I mean, we can turn to a number of organizations. Code Spaces always springs to mind for me, I love Code Spaces. It was kind of one of those precursors to—Corey: It's amazing.Sam: Yeah, but they were running on AWS and they had everything, production and backups, all stored in one account. Got into the account. “We're going to delete your data if you don't pay us this ransom.” They were like, “Well, we're not paying you the ransoms. We got backups.” Well, they deleted those, too. And, you know, unfortunately, Code Spaces isn't around anymore. But it really kind of goes to show just the importance of at least logically separating your data across different accounts and not having that god-like access to absolutely everything.Corey: Yeah, when you talked about Code Spaces, I was in [unintelligible 00:32:29] talking about GitHub Codespaces specifically, where they have their developer workstations in the cloud. They're still very much around, at least last time I saw unless you know something I don't.Sam: Precursor to that. I can send you the link—Corey: Oh oh—Sam: You can share it with the listeners.Corey: Oh, yes, please do. I'd love to see that.Sam: Yeah. Yeah, absolutely.Corey: And it's been a long and strange time in this industry. Speaking of links for the show notes, I appreciate you're spending so much time with me. Where can people go to learn more?Sam: Yeah, absolutely. I think veeam.com is kind of the first place that people gravitate towards. Me personally, I'm kind of like a hands-on learning kind of guy, so we always make free product available.And then you can find that on the AWS Marketplace. Simply search ‘Veeam' through there. A number of free products; we don't put time limits on it, we don't put feature limitations. You can backup ten instances, including your VPCs, which we actually didn't talk about today, but I do think is important. But I won't waste any more time on that.Corey: Oh, configuration of these things is critically important. If you don't know how everything was structured and built out, you're basically trying to re-architect from first principles based upon archaeology.Sam: Yeah [laugh], that's a real pain. So, we can help protect those VPCs and we actually don't put any limitations on the number of VPCs that you can protect; it's always free. So, if you're going to use it for anything, use it for that. But hands-on, marketplace, if you want more documentation, want to learn more, want to speak to someone veeam.com is the place to go.Corey: And we will, of course, include that in the show notes. Thank you so much for taking so much time to speak with me today. It's appreciated.Sam: Thank you, Corey, and thanks for all the listeners tuning in today.Corey: Sam Nicholls, Director of Public Cloud at Veeam. I'm Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice, along with an angry insulting comment that takes you two hours to type out but then you lose it because you forgot to back it up.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.
We sit down with Kit Colbert (SVP and CTO @ VMWare) and discuss his experiences, lessons, and approaches to leading across different orders of magnitude PLUS his approach to high leverage, high ROI communication at different scales. We cover his perspectives on lessening execution risk and creating stability through change, letting go of being a “technologist,” navigating the dilemma between macro and micro granularity in leadership, and building an innovation system.ABOUT KIT COLBERTKit Colbert joined VMware in September 2003 (following an internship in 2002) and currently serves as senior vice president and chief technology officer. He is responsible for ensuring VMware's long-term technology leadership through research and innovation programs, with the primary goal of positively impacting and shaping the future of VMware, its ecosystem, and its customers. As CTO, Colbert will shape the technical vision for the company, and the transformation to a cloud and subscription-centric R&D organization. His oversight includes advancing research and development efforts, overseeing the VMware Engineering Services team, the Design/UX team and the company's ESG commitments.Prior to September 2021, Colbert served in multiple roles, including VMware's Cloud CTO, General Manager of VMware's Cloud-Native Apps business, CTO for VMware's End-User Computing Business, and as the lead architect for the VMware vRealize Operations Suite. Colbert joined VMware as the technical lead behind the creation, development and delivery of the vMotion and Storage vMotion features in VMware vSphere."What I try to focus on is, what's the outcome or the benefit that I'm looking for? And, you know, leaving the “how” as much as possible up to them. But I'm also open to being challenged and I find oftentimes that I don't really fully understand the space and the way that they do. And so I'm saying, ‘Here's kinda what we want and here's how I think we should do it.' But then they'll say, ‘No, that doesn't make sense here. You know, here's how we should be really be thinking about.' And so that back and forth actually creates a better solution in the end.”- Kit Colbert Our in-person conference ELC Annual returns 10/27-28!Learn from 60+ of the best engineering leaders in the industry / Critical insights on leadership, career and technology / Plus tons of experiences optimized for deep conversations & meaningful connections - all to help you build your support network!Don't miss out on being part of the biggest celebration of engineering leadership of the year!Grab your ticket HERE: sfelc.com/annual2022SHOW NOTES:Kit's Leadership Leap from 150 to 2300 People (2:05)How guardrails lessen risks and create stability through change (4:24)How to prepare to increase your scope and lead larger teams (8:21)Identifying existential opportunities and getting ahead of foundational industry changes (12:38)Letting go of being a “technologist” & relying on others for technical insight (16:08)How clear communication is one of the highest leverage, highest ROI things you can do as a leader (18:27)Framework to prepare your communication plan at big team moments (21:56)Balancing the dilemma of micro and macro granularity in leadership (26:11)Strategies to guide and influence people to your desired outcomes (28:18)How to operationalize innovation and build an innovation system (33:23)Rapid fire questions (37:53)LINKS AND RESOURCESAtomic Habits - This breakthrough book from James Clear is the most comprehensive guide on how to change your habits and get 1% better every day.
VMware vSphere 8, the enterprise workload platform, brings the benefits of cloud to on-premises workloads, supercharges performance through DPUs and GPUs, and accelerates innovation with an enterprise-ready integrated Kubernetes runtime. This week on the Virtually Speaking Podcast Pete and John welcome Féidhlim O'Leary to discuss the details of this release. Read more
Dell Technologies is introducing new infrastructure solutions, co-engineered with VMware, that deliver greater automation and performance for organizations embracing multicloud and edge strategies. “Customers tell us they want help simplifying their multicloud and edge strategies as they look to drive more efficiency and performance from their IT,” said Jeff Boudreau, president, of Dell Technologies Infrastructure Solutions Group. “Dell Technologies and VMware have numerous joint engineering initiatives spanning core IT areas such as multicloud, edge and security to help our customers more easily manage and gain value from their data.” Business data and applications continue to grow in multicloud environments comprised of edge locations, public clouds and on-premises IT. Many organizations have already adopted a multicloud approach, and the number of applications running at the edge will grow 800% by 2024. “IDC's global research shows many organizations are struggling to balance the rapidly rising complexity and cost of data centre, edge and cloud operations with relentless business demand for better data integration, security and application performance,” notes Mary Johnston Turner, IDC research vice president, future of digital infrastructure agenda. “These organizations recognize the need for a consistent operating model tightly integrated with infrastructure platforms that support sophisticated, large scale data-driven workloads.” Dell VxRail delivers greater performance and smallest-ever systems at the edge Dell is introducing several new VxRail systems and software advancements that improve performance on-premises and at the edge including the industry's only jointly engineered HCI-based DPU solution with VMware. Improved system performance: A result of co-engineering with VMware and its Project Monterey initiative, VxRail systems support new VMware vSphere 8 software that has been rearchitected to run on DPUs. Customers can improve application and networking infrastructure performance and improve TCO by moving these services from a system's CPU to its new onboard DPU. Support demanding workloads: Select VxRail systems now support VMware's new vSAN Enterprise Storage Architecture (ESA). With up to 4x vSAN performance improvement, customers can better support demanding mission-critical applications. Smallest edge systems: VxRail rugged modular nodes deliver high performance and scalability in the system's smallest form factor to date. Modular nodes are ideal for edge use cases including healthcare, energy and utilities and digital cities because of VxRail's industry-first, on-board hardware witness, which allows for deployment in high latency, low bandwidth locations. “The increasing demand for software-defined infrastructure services for networking, storage and security places more demands on already-strained CPUs. As more distributed, resource-intensive applications are onboarded, there is a need to reimagine data centre architecture to fully support the requirements of these applications,” said Krish Prasad, senior vice president & general manager, Cloud Infrastructure Business Group, VMware. “Dell VxRail with VMware vSphere 8 will deliver a foundation for next-generation data centre architecture by running infrastructure services on the DPU. This will enable greater network and application performance and a new level of sophistication in adopting Zero Trust security strategies to protect modern enterprise workloads.” Dell APEX expands multicloud and edge support for VMware environments Dell is adding several offers to its APEX portfolio for VMware workloads that speed development of cloud-native apps and better allocate compute and storage resources for applications at the edge. APEX Cloud Services with VMware Cloud adds managed VMware Tanzu Kubernetes Grid services, which allows IT teams to help developers move faster by using a container-based approach to application development. With Dell-managed Tanzu servic...
VMware's new vSphere offering is an industry-leading workload platform, that allows current and new on-premises infrastructures to be cloud connected while shifting to an OpEx-based consumption model with pay-as-you-grow subscription. This week on the Virtually Speaking Podcast Pete and John welcome Ken Werneburg and Dave Morera to discuss the details of this new offering. Read more
In this week's podcast, Keith invites Independent Analyst Melissa Palmer(@vmiss33) to discuss Ransomware. Melissa is a VMware vSphere and Storage expert with years of experience. She blogs on vmiss.net.
We are fortunate to have Abhishek Tiwari, from the Azure Networking team, join us again on the podcast, this time to discuss the Front Door service. Media File: https://azpodcast.blob.core.windows.net/episodes/Episode419.mp3 YouTube: https://youtu.be/QrNMpugD4zA Resources: Front Door Announcement Updates: General availability: Bring your own IP ranges to Azure Public preview: Simplified compute node communication Public preview: Azure Bastion support for Kerberos authentication Public preview: Azure Arc integration with VMware vSphere and Azure VMware Solution Public preview: Azure Cosmos DB partition key advisor notebook Join us at the Innovate for Impact digital event
April 6, 2022: https://www.linkedin.com/in/ittai-dayan-md-89447167/ (Ittai Dayan, MD), Cofounder and CEO of https://www.rhinohealth.com/ (Rhino Health) and https://www.linkedin.com/in/mtilkin/ (Mike Tilkin), CIO at https://www.acr.org/ (American College of Radiology) join http://linkedin.com/in/IntegratorBrad (Brad Genereaux), Medical Imaging & Smart Hospitals Alliance Manager for https://www.nvidia.com/en-us/ (NVIDIA) to discuss Federated AI Learning models. They deep dive into the NVIDIA AI Enterprise on VMware vSphere with https://tanzu.vmware.com/ (VMware Tanzu) solution mixed with ACR Connect powered by Rhino Platform. What kind of work is the American College of Radiology doing in this area? With data connections to the various member organizations, how does this allow the community to work together on AI problems? Why is it important to move the compute towards the edge? What does it take to stand up a model like this and unlock the power of AI in the enterprise? Where would a CTO or CIO start this process? Key Points: 00:00:00 - Intro 00:03:45 - The problem space right now is providing education for tools that are going to help healthcare folks validate algorithms 00:05:55- What we've done with NVIDIA certified systems and AI enterprise with VMware as our virtualization stack is create an ecosystem where we can build all of our applications on one environment https://www.rhinohealth.com/ (Rhino Health) https://www.acrdsi.org/ (American College of Radiology - Data Science Institute) https://www.nvidia.com/en-us/ (NVIDIA) https://tanzu.vmware.com/ (VMware Tanzu)
March 23, 2022: https://www.linkedin.com/in/lyudkovitch/ (Laurence Yudkovitch), Product Manager and https://www.linkedin.com/in/josh-dagenhart-91997438/ (Josh Dagenhart), AI Solutions Architect-Manager at https://www.icadmed.com/ (iCAD) join https://linkedin.com/in/IntegratorBrad (Brad Genereaux), Medical Imaging & Smart Hospitals Alliance Manager for https://www.nvidia.com/en-us/ (NVIDIA) to discuss the next evolution of radiology solutions with integrated AI. Specifically the NVIDIA AI Enterprise on VMware vSphere with https://tanzu.vmware.com/ (VMware Tanzu) solution. What do Customers Look for in an Imaging AI Solution? What are infrastructure considerations? What about high availability and disaster recovery? Where is the market going with modern apps? Key Points: 00:00:00 - Intro 00:03:30 - 40 million mammograms done annually 00:05:00 - Our key value proposition is reducing the amount of radiologist read time by over 50% 00:12:15- How do you make clinicians more productive? More effective? 00:24:00 - It used to be PACS interoperability. Now it's platform interoperability. https://www.icadmed.com/ (iCAD) https://www.nvidia.com/en-us/ (NVIDIA) https://tanzu.vmware.com/ (VMware Tanzu)
Emmanuel et Arnaud reviennent sur la fameuse faille #log4shell qui a fait travailler beaucoup d'équipes Java en décembre et janvier. Enregistré le 11 février 2022 Téléchargement de l'épisode LesCastCodeurs-Episode–272.mp3 Interview Quelle est cette vulnérabilité et pourquoi est-elle si dangereuse ? CVE–2021–44228 Reportée chez Apache le 24 Novembre, Enregistrée en CVE le 26 Nov Probablement connue depuis au moins Mars 2021: https://github.com/nice0e3/log4j_POC fix 2.15.0 le 10 décembre Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints. Severity CVSS de 10 sur 10 jamais vu Back to basics: C'est quoi JNDI? the JNDI features used in configurations, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI related endpoints l'attaquant trouve une donnée utilisateur qui est loggée Pas que HTTP et injecte {JNDI:ldap pointant vers un ldap malicieux qui retour du code java sérialisé log4j deserialise et execute ce que l'on veut que log4j2-core pas api détail de Lunasec log4j zero day mitigations initiales CVE–2021–45046 2.16.0 (change des fonctionalités) le 13 décembre Apache Log4j2 Thread Context Lookup Pattern vulnerable to remote code execution in certain non-default configurations When the logging configuration uses a non-default Pattern Layout with a Context Lookup $${ctx:loginId}) attackers with control over Thread Context Map (MDC / Mapped Diagnostic Context) input data can craft malicious input data using a JNDI Lookup pattern donc on peut injected une chaine JNDI encore mais on doit savoir comment de la date utilisateur on peut pousser dans une Thread Context Map référencée par la config on alors l'attaquant a accès à la config et c'est game over Initialement on parlait de denial of services via une reference infinie probablement c'est une chemin qui n'était pas protégé des interpolations de messages et donc de l'accès JNDI CVE–2021–45105 fix dans 2.17.0 le 18 décembre recursion non controlée dans un lookup auto référentiel When the logging configuration uses a non-default Pattern Layout with a Context Lookup (for example, $${ctx:loginId} Besoin de l'attaquant control de Thread Context Map (peut etre une donnée injectée par un framework d'une entrée utilisateur changer la config log4j locale? CVE–2021–44832 2.17.1 le 27 décembre Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. attaquant accede et modifie la config pas simple sauf si la plateforme permet la reconfiguration par un utilisateur??? log Google package analysis montre 8% de packages sur central affectés par log4j 2 niveau de dépendance transitive monte jusqu'à 9 du coup il y a neuf vendeurs qui doivent corriger leurs dépendances Toujours plus de 40% de téléchargement sur Maven central des versions impactées Log4j1 n'est pas en reste: JMSAppender JMS dit JNDI et paf on recommence JDBCAppender SQL injection FTW log4j1 n'est plus maintenue ah merde! Apache Kafka Reload4j de ceki 1.2.17 compatible voir les fixes Des exploitations ? Peu au final Car chaque usage de log4j est unique Entrée quoi est loggé etc Donc trop dur pour les script kiddies Mais dans les megasploits et autres toolkits d'attaque VMware vSphere et Hoirizon Ubiquity Solarwind etc Quel process suivre verifier la véracité de la CVE et comprendre ses vecteurs d'attaque identifier ses dépendances et donc ses soft impacté identifier les éléments fournis par l'utilisateur qui sont loggés définir le risque par software et par service appliquer le patch de sécurité et reconstruire le package déployer ou livrer chez les clients répéter pour les semaines à venir shading? :) Impact de l'industrie dans le futur La chine a tapé sur les doigts Alibaba qui n'a pas donné cette faille d'abord au gouvernement chinois The Gift of It's Your Problem Now Discussion sur le paiement et l'open source Pour un individuel l'open source est un cadeau, et donner de l'argent n'améliore pas le cadeau Injecter de la compensation financière dans un cadeau casse le cadeau et ne change pas la motivation (ou la casse) Pour une société, l'open source est un moyen de récupérer du feedback et du marketing, donc c'est une transaction et pas un cadeau Un autre article similaire burden open source maintainer colors faker mainteneur rajoute une boucle infinie dans un package modems très utilisé en protestation de non contribution (financière) 20 millions de téléchargements par semaine GitHub a bloqué son compte et nom a remis une ancienne version un peu de temps avant il s'est fait copié son idée de faker.js as a service Reflection on log4shell par diabolical developer marathon pas un sprint, on fatigue après 5 ou 6 jours a fond, donc faites des rotations comm sur le réseau, que regarder : Adding encryption, Auth/Auth, I sanitize data that goes over the wire, I sanitize input that could execute, DOS protection – backoff strategies and more. supply chain sécurisation and component governance OSS funding (hum?) Nous contacter Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Faire un crowdcast ou une crowdquestion Contactez-nous via twitter https://twitter.com/lescastcodeurs sur le groupe Google https://groups.google.com/group/lescastcodeurs ou sur le site web https://lescastcodeurs.com/
In this interview, I sit down with with Matt Douglas, Chief Enterprise Architect at Sentara and Optima Health and Chris Logan, Executive Healthcare Advisor at VMware. You can check out the full interview at the bottom of this article.. Douglas shares why Sentara and Optima Health made the decision to move their Epic EHR to VMware vSphere and vSAN running on the Azure cloud. That's a big decision for any organization. In fact, I asked Douglas if he was worried about virtualizing such an important application and moving it to the cloud. His response highlighted something we often forget. Not moving to a modern architecture that includes virtualization and the cloud carries many risks as well. Learn more about VMware: https://www.vmware.com/solutions/industry/healthcare-it-solutions.html Find more great health IT content: https://www.healthcareittoday.com/
Ian and Lindsey speak about the new 15th Generation PowerEdge Servers and their support for customer deployments using VMware.
Microsoft SQL can perform really well on virtualized infrastructure if tuned properly. It can also perform really poorly if you don't know what to tune or what to watch out for. David Klee (https://twitter.com/kleegeek) shares best practices and his favorite tips and tricks to troubleshoot and tune MS SQL on VMware vSphere and other hypervisors. Resources: https://www.davidklee.net/ https://www.heraflux.com/ https://www.sqlibrium.com/ https://www.hfxte.ch/perfmon
As Kubernetes evolves beyond 5yrs of adoption, many say that it is becoming “boring”. So where does the popular open source project and community go next? SHOW: 509SHOW SPONSORS:Join Turbonomic, Kelsey Hightower, and Corey Quinn for the Apps ON Cloud Summit May 11-13. Swag & giveaways!Zesty Homepage - Real Time Cloud SavingsFree cloud cost-savings evaluation from ZestySee how O’Reilly online learning can help your tech teams. Request a free demo now.CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW NOTES:Kubernetes 1.21 release announcementKubeConEU 2021Cloud, the Edge and Kubernetes (podcast)If Kubernetes is boring, what’s next for Kubernetes?Kubernetes has now shipped 21 releases, which is nearly as many as OpenStack (24 releases), and more than VMware vSphere (12-15 releases).Kubernetes is shifting from 4 releases a year to 3 releases a year. On average, 170-180 companies are contributing monthly. It’s widely available both in private cloud and public cloudsLarge percentage of larger companies have projects running on KubernetesSo what might be next? To some extent, the projects surrounding and adjacent to Kubernetes are gaining attention and momentum - Serverless, Service Mesh, Multi-Cluster Management Tools, Security Tools, Operators, Helm ChartsKubernetes is being used across Private Clouds, Public Clouds, a variety of Edge use-cases, and is gaining adoption by Telcos for 5G/Edge use-cases.Beginning to see some thinking and frameworks around how to use Kubernetes as a Hybrid/Multi-Cloud control plane, not just for Cluster deployment. Edge use-cases are interesting, since Edge has so many varied deployment models - Does Kubernetes need to be miniaturized? Does Kubernetes ship too often?AI/ML/Analytics use-cases are exploding as most frameworks are making Kubernetes the default orchestration framework.Gitops is starting to gain some momentum as an automated, single-source-of-truth management model for Kubernetes clusters and application deployment.The new way of companies using the public cloud are now trying to figure out how to manage Cloud costs, especially as Kubernetes drives more self-service engagement with platforms.FEEDBACK?Email: show at thecloudcast dot netTwitter: @thecloudcastnet
This week, we discuss the new Virtual Desktop Service offering from NetApp with Technical Marketing Engineer Suresh Thoppay!
More digital will mean more cloud. Now in the second year, the Covid-19 coronavirus pandemic has prompted an acceleration in the adoption of cloud technologies by IT leaders worldwide, which looks set to continue for the foreseeable future. Previously organisations have primarily looked at new application development and deployment for cloud, taking a ‘cloud first’ approach. However many have now pivoted towards a ‘cloud now’ approach. In this two-part episode Neira talks to Chris Harris, EMEA Technical Director at Thales and Vaughn Stewart, VP of Technology Alliance Partners, Pure Storage. Vaughn Stewart, VP of Technology Alliance Partners, Pure Storage Vaughn helps organisations capitalise on what’s possible when pairing memory-based storage technologies with tradiditional and next-generation applications. Prior to joining Pure, he spent 13 years in various leadership roles at NetAPll and has been awarded a U.S. patent. Vaughn strives to simplify the technically complex and advocates thinking outside the box. You can find his perspective online at vaughnstewart.com and in print; he has co-authored multiple books including “Virtualisation Changes Everything: Storage Strategies for VMware vSphere & Cloud Computing. You can connect with Vaughn on Linked in or Twitter Chris Harris, EMEA Technical Director at Thales Chris has over twenty-five years' experience in IT Security with a strong track record providing expert consultancy, pre-sales support and technical assistance to customers across EMEA, in addition to developing and leading a large pan-EMEA team of Pre-Sales Consultants and Sales Engineers. With a strong technical focus on data and information protection solutions, Chris can talk very knowledgably on a vast range of Cybersecurity, Identity Management, Cloud Encryption & Security as well as Cloud Security and Security-as-a-Service offerings. He plays a key role in managing customer and partner relationships across the region, as well as scaling the team, ensuring it has the structure and skills in place to solve problems for customers and respond to market needs. Having joined Thales through its recent acquisition of Gemalto, Chris previously managed the cyber-security pre-sales organisation across EMEA. He has over 20 years’ experience in the group through various company acquisitions that has seen his EMEA Pre-Sales role evolve as the product portfolio grew significantly. With a passion for technology, he keeps acquainting himself with the technical detail, often feeding back the field experience to product management to help advance offerings. He has been pivotal in developing a strong pre-sales technical team across EMEA all equally as passionate for customer excellence. He brings with him a wealth of experience spanning: Hardware Security Modules (HSM), PKI & Digital Certificates, Smart Cards, Tokens, Network Encryption, Database Encryption, Storage Security/Encryption, Cryptographic Hardware and Software. Chris holds a Bachelor of Science degree from the University of Herfordshire. You can connect with Chris on LinkedIn and Twitter.
With the development and deployment of modern applications based on Kubernetes and Tanzu, there is a need for object storage. Lawrence Chiu from Dell Technologies discusses the need for object storage and how Dell Technologies is providing for this need with VMware Tanzu
More digital will mean more cloud. Now in the second year, the Covid-19 coronavirus pandemic has prompted an acceleration in the adoption of cloud technologies by IT leaders worldwide, which looks set to continue for the foreseeable future. Previously organisations have primarily looked at new application development and deployment for cloud, taking a ‘cloud first’ approach. However many have now pivoted towards a ‘cloud now’ approach. In this two-part episode Neira talks to Chris Harris, EMEA Technical Director at Thales and Vaughn Stewart, VP of Technology Alliance Partners, Pure Storage. Vaughn Stewart, VP of Technology Alliance Partners, Pure Storage Vaughn helps organisations capitalise on what’s possible when pairing memory-based storage technologies with tradiditional and next-generation applications. Prior to joining Pure, he spent 13 years in various leadership roles at NetAPll and has been awarded a U.S. patent. Vaughn strives to simplify the technically complex and advocates thinking outside the box. You can find his perspective online at vaughnstewart.com and in print; he has co-authored multiple books including “Virtualisation Changes Everything: Storage Strategies for VMware vSphere & Cloud Computing. You can connect with Vaughn on Linked in or Twitter Chris Harris, EMEA Technical Director at Thales Chris has over twenty-five years' experience in IT Security with a strong track record providing expert consultancy, pre-sales support and technical assistance to customers across EMEA, in addition to developing and leading a large pan-EMEA team of Pre-Sales Consultants and Sales Engineers. With a strong technical focus on data and information protection solutions, Chris can talk very knowledgably on a vast range of Cybersecurity, Identity Management, Cloud Encryption & Security as well as Cloud Security and Security-as-a-Service offerings. He plays a key role in managing customer and partner relationships across the region, as well as scaling the team, ensuring it has the structure and skills in place to solve problems for customers and respond to market needs. Having joined Thales through its recent acquisition of Gemalto, Chris previously managed the cyber-security pre-sales organisation across EMEA. He has over 20 years’ experience in the group through various company acquisitions that has seen his EMEA Pre-Sales role evolve as the product portfolio grew significantly. With a passion for technology, he keeps acquainting himself with the technical detail, often feeding back the field experience to product management to help advance offerings. He has been pivotal in developing a strong pre-sales technical team across EMEA all equally as passionate for customer excellence. He brings with him a wealth of experience spanning: Hardware Security Modules (HSM), PKI & Digital Certificates, Smart Cards, Tokens, Network Encryption, Database Encryption, Storage Security/Encryption, Cryptographic Hardware and Software. Chris holds a Bachelor of Science degree from the University of Herfordshire. You can connect with Chris on LinkedIn and Twitter.
In this podcast, we will look at how VMware is optimizing and expanding the capabilities of vSphere to support modern applications such as event streaming and machine learning platforms. Justin Murray works as a Technical Marketing Architect at VMware. Justin creates technical material and guidance for VMware customers and the VMware field organization to promote the virtualization of modern applications on VMware's vSphere platform. Justin also works closely with VMware's partner ISVs (Independent Software Vendors) to ensure their products work well on vSphere.
Hear about Dell Technologies presence at VMworld – and the different sessions on new Dell Technologies storage integrations with VMware vSphere and Kubernetes. We have quite a number of breakout sessions, birds of a feather sessions, and tech talks (aka vBrown Bags) during VMworld 2020.
VMware is the most trusted virtualization platform on the planet. On today's episode we take a look at how customers are getting more from their VMware investment by integrating their best of breed storage platforms.
vChat (MP3 VERSION) - The Latest in Virtualization and Cloud Computing
In episode #53, David and Simon chat with vExpert Mike Foley (@MikeFoley) of VMware about how to fortify VMware vSphere Security. Here's what you'll learn in this vChat: how the perception of security has changed in the enterprise how vSphere security has changed what's new in vSphere Security with 6.7 the future of vSphere security […]
In episode #53, David and Simon chat with vExpert Mike Foley (@MikeFoley) of VMware about how to fortify VMware vSphere Security. Here's what you'll learn in this vChat: how the perception of security has changed in the enterprise how vSphere security has changed what's new in vSphere Security with 6.7 the future of vSphere security […]
This month we talk with an old friend from Storage Field Day 7 (videos), Kiran Sreenivasamurthy, VP of Product Management for Maxta. Maxta has a software defined storage solution which currently works on VMware vSphere, Red Hat Virtualization and KVM to supply shared, scale out storage and HCI solutions for enterprises across the world. Maxta is similar … Continue reading "52: GreyBeards talk software defined storage with Kiran Sreenivasamurthy, VP Product Management, Maxta"
vChat (MP3 VERSION) - The Latest in Virtualization and Cloud Computing
In vChat #33, our special Christmas 2012 edition, Simon, Eric, and David discuss the latest in virtualization, cloud computing, home labs, iPads, storage, our predictions for 2013. and much much more. Join us! vChat is a regular virtualization video chat covering VMware vSphere, Cloud Computing, Virtualization News, and maybe some geeky humor. Regular contributors are 3 […]
In vChat #33, our special Christmas 2012 edition, Simon, Eric, and David discuss the latest in virtualization, cloud computing, home labs, iPads, storage, our predictions for 2013. and much much more. Join us! vChat is a regular virtualization video chat covering VMware vSphere, Cloud Computing, Virtualization News, and maybe some geeky humor. Regular contributors are 3 […]
vChat (MP3 VERSION) - The Latest in Virtualization and Cloud Computing
In vChat Episode 32 Simon Seagrave, Eric Siebert, and David Davis cover our experience at VMworld 2012 in San Francisco. This includes the VMworld parties, vExpert community events, launch of vSphere 5.1 and the vCloud Suite 5.1, and much much more. Join us! vChat is a regular virtualization video chat covering VMware vSphere, Cloud Computing, […]
In vChat Episode 32 Simon Seagrave, Eric Siebert, and David Davis cover our experience at VMworld 2012 in San Francisco. This includes the VMworld parties, vExpert community events, launch of vSphere 5.1 and the vCloud Suite 5.1, and much much more. Join us! vChat is a regular virtualization video chat covering VMware vSphere, Cloud Computing, […]
vChat (MP3 VERSION) - The Latest in Virtualization and Cloud Computing
In vChat Episode 30 Simon Seagrave, Eric Siebert, and David Davis discuss the London 2012 Olympics XXX, home lab upgrades, new TrainSignal courses, new free virtualization apps, and their plans for VMworld. Join Us ! vChat is a regular virtualization video chat covering VMware vSphere, Cloud Computing, Virtualization News, and maybe some geeky humor. Regular […]
In vChat Episode 30 Simon Seagrave, Eric Siebert, and David Davis discuss the London 2012 Olympics XXX, home lab upgrades, new TrainSignal courses, new free virtualization apps, and their plans for VMworld. Join Us ! vChat is a regular virtualization video chat covering VMware vSphere, Cloud Computing, Virtualization News, and maybe some geeky humor. Regular […]
vChat (MP3 VERSION) - The Latest in Virtualization and Cloud Computing
In vChat Episode 23 David Davis and Eric Siebert talk about the latest news and happenings at VMware Partner Exchange (PEX) 2012, LIVE from Las Vegas! vChat is a regular virtualization video chat covering VMware vSphere, Cloud Computing, Virtualization News, and maybe some geeky humor. Regular contributors are 3 vExperts – Simon Seagrave (TechHead.co.uk), Eric […]
In vChat Episode 23 David Davis and Eric Siebert talk about the latest news and happenings at VMware Partner Exchange (PEX) 2012, LIVE from Las Vegas! vChat is a regular virtualization video chat covering VMware vSphere, Cloud Computing, Virtualization News, and maybe some geeky humor. Regular contributors are 3 vExperts – Simon Seagrave (TechHead.co.uk), Eric […]
vChat (MP3 VERSION) - The Latest in Virtualization and Cloud Computing
In vChat Episode 19 David Davis and Eric Siebert talk LIVE from the VMware vSphere 5 Launch in San Francisco about what's new in the VMware Cloud Infrastructure Suite launch and what it was like to attend the launch in person. We cover things like vSphere 5 Storage DRS, Profile-Driven Storage, host-based replication with SRM, […]
In vChat Episode 19 David Davis and Eric Siebert talk LIVE from the VMware vSphere 5 Launch in San Francisco about what's new in the VMware Cloud Infrastructure Suite launch and what it was like to attend the launch in person. We cover things like vSphere 5 Storage DRS, Profile-Driven Storage, host-based replication with SRM, […]
vChat (MP3 VERSION) - The Latest in Virtualization and Cloud Computing
In vChat #17, Simon, Eric, and David discuss VMworld submissions, EMC World news, Charlotte regional VMUG streaming, VMware books, new Train Signal videos, Home labs, and, not to be forgotten, iPads (of course). vChat is a regular virtualization video chat covering VMware vSphere, Cloud Computing, Virtualization News, and maybe some geeky humor. Regular contributors are […]
In vChat #17, Simon, Eric, and David discuss VMworld submissions, EMC World news, Charlotte regional VMUG streaming, VMware books, new Train Signal videos, Home labs, and, not to be forgotten, iPads (of course). vChat is a regular virtualization video chat covering VMware vSphere, Cloud Computing, Virtualization News, and maybe some geeky humor. Regular contributors are […]
vChat (MP3 VERSION) - The Latest in Virtualization and Cloud Computing
In Episode 14 of our vChat series is a special Holiday Edition! In this vChat, Eric Siebert, Simon Seagrave, and David Davis talk about their year in review and what they want, as VMware Admins, for Christmas. It's great fun so tune in below! vChat is a regular virtualization video chat covering VMware vSphere, Cloud […]
In Episode 14 of our vChat series is a special Holiday Edition! In this vChat, Eric Siebert, Simon Seagrave, and David Davis talk about their year in review and what they want, as VMware Admins, for Christmas. It's great fun so tune in below! vChat is a regular virtualization video chat covering VMware vSphere, Cloud […]