Category: Uncategorized

Last updated by at .

Oct052016October 5, 2016October 5, 20160Commentby Thomas Maurer
5Nine Hyper-V Security Agentless

Secure your Hyper-V environment with 5nine Cloud Security 8.1

Posted in Cloud, Hyper-V, IT, Microsoft, Powershell, Private Cloud, Server Core, System Center, Uncategorized, Virtual Machine Manager, Virtualization, Windows Azure Pack, Windows Server, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Work

In the past years I was building several Hyper-V environments together with Enterprise customers and with service providers. In a lot of cases customer wanted more security in there Cloud and Virtualization environment. Security becoming a even more critical part in your datacenter and with a high virtualization rate, it gets even more critical and complex to manage. Especially when Virtual Machines can move from on cluster to another or from one datacenter to another. 5nine is one of the vendors who has a great solution, for this challenges. A couple of years back I wrote a blog post about 5Nine Cloud Security version 4.0. 5nine Cloud Security is a unified security and compliance solution designed to specifically address every Hyper-V security vulnerability across every virtual resource.

Last week at Microsoft Ignite, Microsoft released Windows Server 2016 and Hyper-V 2016, with that 5nine released 5nine Cloud Security 8.1 which supports Windows Server 2016 and Hyper-V 2016.

5nine Cloud Security has some unique key features to secure your environment.

  • Distributed vFirewall – Secure multi-tenant Hyper-V environment and provide VM isolation
  • Agentless Antimalware Detection – Protect Hyper-V with patent-pending agentless Kaspersky or ThreatTrack antivirus now with Real-Time Malware Detection
  • Enforce security compliance

5Nine Hyper-V Security Agentless

Key features

if you look at it on a security features list, 5nine Cloud Security offers you the following security features:

  • Automatically & Instantly Secure all Virtual Machines, Disks, Networks and Switches
  • Choice of Leading Antivirus Engines
  • Agentless AV – Full Virtual Machine Scans
  • Agentless AV – Real-time HTTP Virus and Malware Detection
  • Hyper-V Optimized Real-time Active Protection Agent
  • Agentless Firewall
    • Granular control over each virtual machine using Hyper-V
    • Extensible Switch, no agent required
    • Configure the Advanced / Full Kernel mode Virtual Firewall for each VM individually
    • MAC Address filtering
    • ARP Rules
    • SPI (stateful packet inspection)
    • Network traffic anomaly analysis
    • Inbound and outbound per VM bandwidth throttling
    • MAC broadcast filtering
    • All filtering events logging with more data (UM logs only contain blocked events)
    • Configure network filtering rules on a per-VM basis
    • Set inbound/outbound traffic limits and bandwidth utilization by virtual machine
  • Agentless Intrusion Detection
  • No need to access Guest OS to manage security
  • Centralized signature management with updates to host only
  • Incremental Fast Scans
  • Offline VM Scanning
  • Avoids Host Scanning Storms
  • Support for Windows Server 2012, 2012 R2 and 2016 Hyper-V
  • Supports any guest OS supported by Windows Hyper-V including Linux
  • Meet the security demands of enterprise, management service providers (MSPs), public sector, and hosting providers who leverage Microsoft’s Hyper-V Server and Cloud Platform
  • Provide the first and only seamless agentless compliance and agentless security solution for the Hyper-V Cloud
  • Deliver multi-layered protection together with integrated, agentless antivirus and intrusion detection capabilities
  • Offer unmatched levels of industry-demanded protection and compliance (including PCI-DSS, HIPAA, and Sarbanes-Oxley)
  • Secure the Cloud environment with anti-virus technology that runs with virtually zero performance impact while simultaneously improving virtual machine density
  • Provide network traffic control between virtual machines
  • Enforce secure multi-tenancy and Virtual Machines Security Groups
  • Provide NVGRE support (Hyper-V Network Virtualization)
  • Support for Microsoft Switch Embedded Teaming
  • PowerShell Module for automation

Integration and offerings

5Nine Hyper-V Security System Center VMM Plugin

5Nine Cloud Security also integrated perfectly in your Microsoft System Center environment using a System Center Virtual Machine Manager plugin.

5nine Cloud Security also offers a Windows Azure Pack Resource Provider to offer self-service to your tenants. Azure Pack (WAP) Extension is the only Security as a Service (SECaaS) solution to protect your datacenter, your customers, and their clouds as a free add-on to 5nine Cloud Security. It is the only way to enable tenants to easily manage their own Windows and Linux security policies through the Azure Pack self-service portal. Now hosting and service providers can secure multi-tenant environments and virtual machines in private, hosted or hybrid scenarios, while giving users the ability to easily configure firewalls, intrusion detection, and more.

Architecture

The installation and the management is so easy, you don’t really need any documentation. That’s how a security product should work, it should not make your environment even more complex it should help you to keep your environment secure without adding extra complexity to it. Is used 5nine for several customer environments.

  • The Management Service – This would be your 5nine management server which needs a SQL database (minimum MS SQL Express) and all Hyper-V Hosts are connected to this management server.
  • The Host Management Service – which is basically the software and agent running on the Hyper-V host itself.
  • The Management Console – The console where you can configure everything. The console is simply connected to the management server.
  • The Virtual Machine Manager Plugin – This is a plugin in VMM which allows you to manage rules directly from your System Center Virtual Machine Manager Console
  • Azure Pack Extension – Resource Provider installed on the WAP Tenant and WAP Admin servers

Impressions

5nine host service

5nine is a very light weight solution for the Hyper-V host with not a lot of overhead. On the Hyper-V host you have only two service running and the Hyper-V switch extensions.

5nine-switch-extension

 

Conclusion

Overall I think 5Nine Cloud Security is a must have solution to protect your Hyper-V environment, if you want to do more serious centralized managed security. Especially with the release of 5nine Cloud Security 8.1 directly with the release of Windows Server 2016, 5nine shows how great their development and integration in Hyper-V really is. It always supports the latest features of Hyper-V solve real world needs.

If you need more information, want to buy 5nine Cloud Security or if you need someone to help you integrated 5nine Cloud Security in your environment, feel free to contact me.

 

 


Oct232014October 23, 2014October 23, 20140Commentby Thomas Maurer
System Center Universe Europe 2014

My sessions from System Center Universe Europe 2014 available on Channel9

Posted in Uncategorized

As I already posted I was presenting at System Center Universe Europe 2014 (SCU Europe) in Basel this year. Microsoft now made the recordings available on Channel9 and you can now watch them for free.

Disaster Recovery with Azure Site Recovery

Together with Michel Lüscher (Architect at Microsoft) I was showing how you can deploy a fully automated Disaster Recovery solution based on Microsoft Hyper-V Replica, System Center Virtual Machine Manager and Windows Azure Hyper-V Recovery Manager.

Software Defined Networking – Comparison of different solutions

Together with Walter Dey (Former Cisco Distinguished Engineer) I held the session about different SDN (Software Defined Networking) solutions on the market. This session will provide an overview about Software-Defined Networking and compare different solutions such as Microsoft Hyper-V Network Virtualization based on NVGRE and Cisco VXLAN and VMware NSX.


Mar062013March 6, 2013March 6, 20132Commentsby Thomas Maurer

List of Hyper-V and Failover Cluster Hotfixes for Windows Server 2012

Posted in Uncategorized

Windows Server 2012 Logo

As for Windows Server 2008 R2 Microsoft created a TechNet Wiki page with the list for Hyper-V and Failover Cluster hotfixes for Windows Server 2012. This will help you find hotfixes for problems you may experience.

List of Hyper-V Hotfixes for Windows Server 2012 (TechNet Wiki):

http://social.technet.microsoft.com/wiki/contents/articles/15576.hyper-v-update-list-for-windows-server-2012.aspx

List of Failover Cluster Hotfixes for Windows Server 2012 (TechNet Wiki):

http://social.technet.microsoft.com/wiki/contents/articles/15577.list-of-failover-cluster-hotfixes-for-windows-server-2012.aspx

Source: Hans Vredevoort (MVP Virtual Machine) Hyper-V.nu


May292010May 29, 2010May 29, 2010by Thomas Maurer

iPad

Posted in Uncategorized

photo

New photo added to Virtual Home.



Jan142010January 14, 2010February 11, 20104Commentsby Thomas Maurer

Configuring IIS for Silverlight Applications

Posted in Hosting, IIS, IT, Microsoft, Uncategorized, Web, Windows Server, Windows Server 2003

silverlightYou can simply add Silverlight support to your IIS6 webserver running on Windows Server 2003.

To enable IIS 6.0 in Windows Server 2003 or IIS7 in Windows Vista RTM with the appropriate MIME Types, add:

  • .xap     application/x-silverlight-app
  • .xaml    application/xaml+xml
  • .xbap    application/x-ms-xbap

Adding MIME Types by a simple VB script:

  • Here is a VBS script you could run to enable each of these types:


Const ADS_PROPERTY_UPDATE = 2
'
if WScript.Arguments.Count < 2 then
WScript.Echo "Usage: " + WScript.ScriptName + " extension mimetype"
WScript.Quit
end if
'
'Get the mimemap object.
Set MimeMapObj = GetObject("IIS://LocalHost/MimeMap")
'
'Get the mappings from the MimeMap property.
aMimeMap = MimeMapObj.GetEx("MimeMap")
'
' Add a new mapping.
i = UBound(aMimeMap) + 1
Redim Preserve aMimeMap(i)
Set aMimeMap(i) = CreateObject("MimeMap")
aMimeMap(i).Extension = WScript.Arguments(0)
aMimeMap(i).MimeType = WScript.Arguments(1)
MimeMapObj.PutEx ADS_PROPERTY_UPDATE, "MimeMap", aMimeMap
MimeMapObj.SetInfo
'
WScript.Echo "MimeMap successfully added: "
WScript.Echo " Extension: " + WScript.Arguments(0)
WScript.Echo " Type: " + WScript.Arguments(1)

  • If you copy and paste the code above into a VBS file and save it as ADDMIMETYPE.VBS the syntax to add each type would be:

ADDMIMETYPE.VBS .xap application/x-silverlight-app ADDMIMETYPE.VBS .xaml application/xaml+xmlADDMIMETYPE.VBS .xbap application/x-ms-xbap

or you could add it very simple over the IIS Manager.


Sep162009September 16, 2009September 16, 20090Commentby Thomas Maurer

great, incredible, amazing, awesome apple keynote

Posted in Uncategorized

Great, incredible, amazing, awesome apple keynote, isnt it?

source: 9to5mac.com


Sep072008September 7, 2008September 7, 20080Commentby Thomas Maurer

Hello World! Again!

Posted in Uncategorized

 

Hello World iPhone

Hello World iPhone

Lange ist es her…. Aber ab Heute gibts wieder d9pe.ch rund um die Uhr 24/7! In der nächsten Zeit wird es einige Status Updates zu meiner jetztigen Situation geben. Natürlich immer wieder viel neues über Apple & Co.