Category: Virtual Machine Manager

Last updated by at .

System Center release cadence

System Center 2019 – What’s new

Microsoft just launched Windows Server 2019 and Windows Admin Center, which also raised the interest in System Center 2019. At Microsoft Ignite, Microsoft was talking about what is new in System Center 2019, the future of System Center, and how it fits in with Windows Admin Center and other management tools.

Microsoft Cloud and Datacenter Management Story

Microsoft Cloud and Datacenter Management Overview

With Microsoft now offering a range of products to manage your Cloud and Datacenter environments, the question comes up “which is the best solution?”. It is not only depending on the size of your company, it also depends on which services you are using and what your job role is. Coming from the Azure site, you have Azure Security and Management, which allows you not only to manage your Azure resources but also integrates and extends with your on-premises environment. System Center is aimed to manage fatacenter environments at scale, and Windows Admin Center helps you to dig deeper to manage individual servers or single cluster management. Both Windows Admin Center and System Center 2019, can be used side by side and both are integrated into Microsoft Azure.

System Center Windows Admin Center better together

System Center vs Windows Admin Center

I often get the question, does Windows Admin Center replace System Center? The answer to this is no, System Center is aimed to do management at a datacenter scale, while Windows Admin Center is giving you deep management access to a single server or clusters. In small environments you might end up using Windows Admin Center only, but in larger datacenter deployments, you are likely to use a combination of System Center and Windows Admin Center.

System Center 2019 Suite Improvements

System Center 2019 Focus

The System Center 2019 release focuses on three main areas. First of all, it adds more capabilities to the existing components and features which were requested by customers. Secondly, it brings integration for the next version of Windows Server, Windows Server 2019 and brings new Windows Server features to life in System Center. Last but not least, System Center 2019 adds more Hybrid Cloud integrations with Microsoft Azure.



Microsoft Exam 70-745

Passed Microsoft Exam 70-745 Implementing a Software-Defined Datacenter

This summer I took the Microsoft beta exam 70-745 Implementing a Software-Defined Datacenter, which focuses on implementing Software-Defined Datacenter solutions, based on Hyper-V, Windows Server, Software Defined Networking and Storage, System Center Virtual Machine Manager, System Center Operations Manager and everything around it.

  • Plan and Implement System Center Virtual Machine Manager (VMM) Core Infrastructure
  • Implement Software-Defined Networking (SDN)
  • Implement Software-Defined Storage
  • Implement Datacenter Compute Solutions with Virtual Machine Manager (VMM)
  • Secure your Software-Defined Datacenter
  • Monitor and Maintain the Software-Defined Datacenter

Passing Exam 745: Implementing a Software-Defined Datacenter validates the skills and knowledge to implement a software-defined datacenter (SDDC) with Windows Server 2016 and Microsoft System Center 2016 Virtual Machine Manager (SCVMM). Candidates have experience implementing and managing highly available SCVMM infrastructures as well as implementing software-defined storage, compute, and networking components.

This week I finally got the message that I passed the Beta exam. If you want to take that exam you should really be familiar with the products and solutions mentioned above, otherwise you will have a hard time passing the exam.

If you want to know more about the exam, check out this link: Microsoft Learning Exam 70-745 Implementing a Software-Defined Datacenter

Also big congrats to all the others who passed the exam like Charbel Nemnom.



Hyper-V Manager ins Azure Server Management Tools SMT

Manage Hyper-V from Azure Server Management Tools

Microsoft released an updated to the Azure Server Management Tools (SMT) and this improves some of the existing tools such as File Explorer and Device Manager. But the big announcement here is, that you now can manage your Hyper-V Server and Virtual Machines directly from Microsoft Azure from where ever you are. This is one of the great examples of using cloud solutions to extend your on premise environment, By using Management as a Service you basically don’t need to updated anything, you just got this new feature available in the Azure portal and you can start using it.

In this update to the Server Management Tools, Microsoft supports the following VM management functionality:

  • Start/Shutdown/Turn off/Pause/Resume
  • Save State/Delete Saved State
  • Take/Apply & rename checkpoints

You can see the Virtual Machines on which are running on the Hyper-V server

Hyper-V Manager in Azure SMT

You can also do basic management of checkpoints

Hyper-V VM in Azure SMT

If you want to know more about the Server Management Tools (SMT) check out my blog post: Manage Nano Server and Windows Server from Azure using Remote Server Management Tools

 



ExpertsLive

Speaking at ExpertsLive 2016 in Amsterdam

Last year I had the chance to speak for the first time at ExpertsLive.nl in Amsterdam. Today I am proud that I will be speaking at ExpertsLive.nl again this year. Next week I will be presenting in two session about Windows Server 2016 together with Michael Rüefli.

Also check out the Savison blog post about ExpertsLive from Isidora Katanić and me: Empower your knowledge at Experts Live 2016!

Presenting ExpertsLive

Greatest Server OS Hits; best of Server 2016

In this presentation we will guide you through the highly anticipated innovations including: •Hyper-V 2016 features •Nano Server •Storage Spaces Direct •Storage Replica •Windows Server Containers •And more

The future of your datacenter: Nano Server and Container

Nano Server is the future of Windows Server. With Nano Server Microsoft created the foundation for Windows Server for the next 20 year. In this session you will get an overview about Nano Server and see some great live demos how you can deploy, manage and operate Nano Server as well as creating applications for it. Get a better understanding of Nano Server and see how you deploy, manage and operate it.



Windows Azure Pack Version PowerShell

Verify installed Windows Azure Pack version

If you want to check which version of Windows Azure Pack is installed or if you want to find out which Update Rollup of Windows Azure Pack is installed you can simply do this using two ways which help you to find the installed Windows Azure Pack version.

You can check the version of the installed Windows Azure Pack components on each server, using the Control Panel – Programs and it shows you the installed components:

Windows Azure Pack Version

You can also use the following PowerShell command to check the installed Windows Azure Pack server

Windows Azure Pack Version PowerShell

You can now compare the version numbers in this list an you can see which Windows Azure Pack Update Rollup is installed. Every component on every sever has to be checked.

Windows Azure Pack (links to KB articles)Version numberBuild Date
Update Rollup 103.33.8196.1404/20/2016
Security Update Rollup 9.13.32.8196.123/2/2016
Update Rollup 8.13.29.8196.011/16/2015
Update Rollup 83.28.8196.4810/28/2015
Update Rollup 7.13.27.8196.38/25/2015
Update Rollup 73.25.8196.757/31/2015
Update Rollup 63.24.8196.354/28/2015
Update Rollup 53.22.8196.482/10/2015
Update Rollup 43.19.8196.2110/21/2014
Update Rollup 33.15.8196.487/22/2014
Update Rollup 23.14.8196.324/16/2014
Update Rollup 13.12.8198.01/20/2014
RTM release3.10.8198.99/16/2013

If you need more information please check the following Microsoft TechNet article: Install Windows Azure Pack updates and verify versions

Thanks to Fulvio Ferrarini (itnetX) which helped me with this blog post.



5Nine Hyper-V Security Agentless

Secure your Hyper-V environment with 5nine Cloud Security 8.1

In the past years I was building several Hyper-V environments together with Enterprise customers and with service providers. In a lot of cases customer wanted more security in there Cloud and Virtualization environment. Security becoming a even more critical part in your datacenter and with a high virtualization rate, it gets even more critical and complex to manage. Especially when Virtual Machines can move from on cluster to another or from one datacenter to another. 5nine is one of the vendors who has a great solution, for this challenges. A couple of years back I wrote a blog post about 5Nine Cloud Security version 4.0. 5nine Cloud Security is a unified security and compliance solution designed to specifically address every Hyper-V security vulnerability across every virtual resource.

Last week at Microsoft Ignite, Microsoft released Windows Server 2016 and Hyper-V 2016, with that 5nine released 5nine Cloud Security 8.1 which supports Windows Server 2016 and Hyper-V 2016.

5nine Cloud Security has some unique key features to secure your environment.

  • Distributed vFirewall – Secure multi-tenant Hyper-V environment and provide VM isolation
  • Agentless Antimalware Detection – Protect Hyper-V with patent-pending agentless Kaspersky or ThreatTrack antivirus now with Real-Time Malware Detection
  • Enforce security compliance

5Nine Hyper-V Security Agentless

Key features

if you look at it on a security features list, 5nine Cloud Security offers you the following security features:

  • Automatically & Instantly Secure all Virtual Machines, Disks, Networks and Switches
  • Choice of Leading Antivirus Engines
  • Agentless AV – Full Virtual Machine Scans
  • Agentless AV – Real-time HTTP Virus and Malware Detection
  • Hyper-V Optimized Real-time Active Protection Agent
  • Agentless Firewall
    • Granular control over each virtual machine using Hyper-V
    • Extensible Switch, no agent required
    • Configure the Advanced / Full Kernel mode Virtual Firewall for each VM individually
    • MAC Address filtering
    • ARP Rules
    • SPI (stateful packet inspection)
    • Network traffic anomaly analysis
    • Inbound and outbound per VM bandwidth throttling
    • MAC broadcast filtering
    • All filtering events logging with more data (UM logs only contain blocked events)
    • Configure network filtering rules on a per-VM basis
    • Set inbound/outbound traffic limits and bandwidth utilization by virtual machine
  • Agentless Intrusion Detection
  • No need to access Guest OS to manage security
  • Centralized signature management with updates to host only
  • Incremental Fast Scans
  • Offline VM Scanning
  • Avoids Host Scanning Storms
  • Support for Windows Server 2012, 2012 R2 and 2016 Hyper-V
  • Supports any guest OS supported by Windows Hyper-V including Linux
  • Meet the security demands of enterprise, management service providers (MSPs), public sector, and hosting providers who leverage Microsoft’s Hyper-V Server and Cloud Platform
  • Provide the first and only seamless agentless compliance and agentless security solution for the Hyper-V Cloud
  • Deliver multi-layered protection together with integrated, agentless antivirus and intrusion detection capabilities
  • Offer unmatched levels of industry-demanded protection and compliance (including PCI-DSS, HIPAA, and Sarbanes-Oxley)
  • Secure the Cloud environment with anti-virus technology that runs with virtually zero performance impact while simultaneously improving virtual machine density
  • Provide network traffic control between virtual machines
  • Enforce secure multi-tenancy and Virtual Machines Security Groups
  • Provide NVGRE support (Hyper-V Network Virtualization)
  • Support for Microsoft Switch Embedded Teaming
  • PowerShell Module for automation

Integration and offerings

5Nine Hyper-V Security System Center VMM Plugin

5Nine Cloud Security also integrated perfectly in your Microsoft System Center environment using a System Center Virtual Machine Manager plugin.

5nine Cloud Security also offers a Windows Azure Pack Resource Provider to offer self-service to your tenants. Azure Pack (WAP) Extension is the only Security as a Service (SECaaS) solution to protect your datacenter, your customers, and their clouds as a free add-on to 5nine Cloud Security. It is the only way to enable tenants to easily manage their own Windows and Linux security policies through the Azure Pack self-service portal. Now hosting and service providers can secure multi-tenant environments and virtual machines in private, hosted or hybrid scenarios, while giving users the ability to easily configure firewalls, intrusion detection, and more.

Architecture

The installation and the management is so easy, you don’t really need any documentation. That’s how a security product should work, it should not make your environment even more complex it should help you to keep your environment secure without adding extra complexity to it. Is used 5nine for several customer environments.

  • The Management Service – This would be your 5nine management server which needs a SQL database (minimum MS SQL Express) and all Hyper-V Hosts are connected to this management server.
  • The Host Management Service – which is basically the software and agent running on the Hyper-V host itself.
  • The Management Console – The console where you can configure everything. The console is simply connected to the management server.
  • The Virtual Machine Manager Plugin – This is a plugin in VMM which allows you to manage rules directly from your System Center Virtual Machine Manager Console
  • Azure Pack Extension – Resource Provider installed on the WAP Tenant and WAP Admin servers

Impressions

5nine host service

5nine is a very light weight solution for the Hyper-V host with not a lot of overhead. On the Hyper-V host you have only two service running and the Hyper-V switch extensions.

5nine-switch-extension

 

Conclusion

Overall I think 5Nine Cloud Security is a must have solution to protect your Hyper-V environment, if you want to do more serious centralized managed security. Especially with the release of 5nine Cloud Security 8.1 directly with the release of Windows Server 2016, 5nine shows how great their development and integration in Hyper-V really is. It always supports the latest features of Hyper-V solve real world needs.

If you need more information, want to buy 5nine Cloud Security or if you need someone to help you integrated 5nine Cloud Security in your environment, feel free to contact me.

 

 



ITCamp 2016

Speaking at ITCamp in Cluj-Napoca

Today, I am proud to announce that I am speaking at the ITCamp in Cluj Napoca, Romania. I am super exiceded since this will be my first visit to Romania and I heard a lot of great feedback about the conference.

Featured Speakers ITCamp

I will present two sessions:

Nano Server – The Future of Windows Server

Nano Server is the future of Windows Server. With Nano Server Microsoft created the foundation for Windows Server for the next 20 year. In this session you will get an overview about Nano Server and see some great live demos how you can deploy, manage and operate Nano Server as well as creating applications for it.

Get a better understanding of Nano Server and see how you deploy, manage and operate it.

What’s new in Windows Server 2016 Hyper-V

With the next version of Microsoft hypervisor Microsoft released some great new features for your Cloud infrastructure. Come to this session to get the details of all the new stuff that is in Hyper-V and learn about how you can play with it “hands-on.” This session includes also the latest updates from the Technical Previews.

ITCamp 2016

Check out the website for more information