Tag: Virtual Machine Manager

Last updated by at .

System Center release cadence

System Center 2019 – What’s new

Microsoft just launched Windows Server 2019 and Windows Admin Center, which also raised the interest in System Center 2019. At Microsoft Ignite, Microsoft was talking about what is new in System Center 2019, the future of System Center, and how it fits in with Windows Admin Center and other management tools.

Microsoft Cloud and Datacenter Management Story

Microsoft Cloud and Datacenter Management Overview

With Microsoft now offering a range of products to manage your Cloud and Datacenter environments, the question comes up “which is the best solution?”. It is not only depending on the size of your company, it also depends on which services you are using and what your job role is. Coming from the Azure site, you have Azure Security and Management, which allows you not only to manage your Azure resources but also integrates and extends with your on-premises environment. System Center is aimed to manage fatacenter environments at scale, and Windows Admin Center helps you to dig deeper to manage individual servers or single cluster management. Both Windows Admin Center and System Center 2019, can be used side by side and both are integrated into Microsoft Azure.

System Center Windows Admin Center better together

System Center vs Windows Admin Center

I often get the question, does Windows Admin Center replace System Center? The answer to this is no, System Center is aimed to do management at a datacenter scale, while Windows Admin Center is giving you deep management access to a single server or clusters. In small environments you might end up using Windows Admin Center only, but in larger datacenter deployments, you are likely to use a combination of System Center and Windows Admin Center.

System Center 2019 Suite Improvements

System Center 2019 Focus

The System Center 2019 release focuses on three main areas. First of all, it adds more capabilities to the existing components and features which were requested by customers. Secondly, it brings integration for the next version of Windows Server, Windows Server 2019 and brings new Windows Server features to life in System Center. Last but not least, System Center 2019 adds more Hybrid Cloud integrations with Microsoft Azure.



Microsoft Exam 70-745

Passed Microsoft Exam 70-745 Implementing a Software-Defined Datacenter

This summer I took the Microsoft beta exam 70-745 Implementing a Software-Defined Datacenter, which focuses on implementing Software-Defined Datacenter solutions, based on Hyper-V, Windows Server, Software Defined Networking and Storage, System Center Virtual Machine Manager, System Center Operations Manager and everything around it.

  • Plan and Implement System Center Virtual Machine Manager (VMM) Core Infrastructure
  • Implement Software-Defined Networking (SDN)
  • Implement Software-Defined Storage
  • Implement Datacenter Compute Solutions with Virtual Machine Manager (VMM)
  • Secure your Software-Defined Datacenter
  • Monitor and Maintain the Software-Defined Datacenter

Passing Exam 745: Implementing a Software-Defined Datacenter validates the skills and knowledge to implement a software-defined datacenter (SDDC) with Windows Server 2016 and Microsoft System Center 2016 Virtual Machine Manager (SCVMM). Candidates have experience implementing and managing highly available SCVMM infrastructures as well as implementing software-defined storage, compute, and networking components.

This week I finally got the message that I passed the Beta exam. If you want to take that exam you should really be familiar with the products and solutions mentioned above, otherwise you will have a hard time passing the exam.

If you want to know more about the exam, check out this link: Microsoft Learning Exam 70-745 Implementing a Software-Defined Datacenter

Also big congrats to all the others who passed the exam like Charbel Nemnom.



5Nine Hyper-V Security Agentless

Secure your Hyper-V environment with 5nine Cloud Security 8.1

In the past years I was building several Hyper-V environments together with Enterprise customers and with service providers. In a lot of cases customer wanted more security in there Cloud and Virtualization environment. Security becoming a even more critical part in your datacenter and with a high virtualization rate, it gets even more critical and complex to manage. Especially when Virtual Machines can move from on cluster to another or from one datacenter to another. 5nine is one of the vendors who has a great solution, for this challenges. A couple of years back I wrote a blog post about 5Nine Cloud Security version 4.0. 5nine Cloud Security is a unified security and compliance solution designed to specifically address every Hyper-V security vulnerability across every virtual resource.

Last week at Microsoft Ignite, Microsoft released Windows Server 2016 and Hyper-V 2016, with that 5nine released 5nine Cloud Security 8.1 which supports Windows Server 2016 and Hyper-V 2016.

5nine Cloud Security has some unique key features to secure your environment.

  • Distributed vFirewall – Secure multi-tenant Hyper-V environment and provide VM isolation
  • Agentless Antimalware Detection – Protect Hyper-V with patent-pending agentless Kaspersky or ThreatTrack antivirus now with Real-Time Malware Detection
  • Enforce security compliance

5Nine Hyper-V Security Agentless

Key features

if you look at it on a security features list, 5nine Cloud Security offers you the following security features:

  • Automatically & Instantly Secure all Virtual Machines, Disks, Networks and Switches
  • Choice of Leading Antivirus Engines
  • Agentless AV – Full Virtual Machine Scans
  • Agentless AV – Real-time HTTP Virus and Malware Detection
  • Hyper-V Optimized Real-time Active Protection Agent
  • Agentless Firewall
    • Granular control over each virtual machine using Hyper-V
    • Extensible Switch, no agent required
    • Configure the Advanced / Full Kernel mode Virtual Firewall for each VM individually
    • MAC Address filtering
    • ARP Rules
    • SPI (stateful packet inspection)
    • Network traffic anomaly analysis
    • Inbound and outbound per VM bandwidth throttling
    • MAC broadcast filtering
    • All filtering events logging with more data (UM logs only contain blocked events)
    • Configure network filtering rules on a per-VM basis
    • Set inbound/outbound traffic limits and bandwidth utilization by virtual machine
  • Agentless Intrusion Detection
  • No need to access Guest OS to manage security
  • Centralized signature management with updates to host only
  • Incremental Fast Scans
  • Offline VM Scanning
  • Avoids Host Scanning Storms
  • Support for Windows Server 2012, 2012 R2 and 2016 Hyper-V
  • Supports any guest OS supported by Windows Hyper-V including Linux
  • Meet the security demands of enterprise, management service providers (MSPs), public sector, and hosting providers who leverage Microsoft’s Hyper-V Server and Cloud Platform
  • Provide the first and only seamless agentless compliance and agentless security solution for the Hyper-V Cloud
  • Deliver multi-layered protection together with integrated, agentless antivirus and intrusion detection capabilities
  • Offer unmatched levels of industry-demanded protection and compliance (including PCI-DSS, HIPAA, and Sarbanes-Oxley)
  • Secure the Cloud environment with anti-virus technology that runs with virtually zero performance impact while simultaneously improving virtual machine density
  • Provide network traffic control between virtual machines
  • Enforce secure multi-tenancy and Virtual Machines Security Groups
  • Provide NVGRE support (Hyper-V Network Virtualization)
  • Support for Microsoft Switch Embedded Teaming
  • PowerShell Module for automation

Integration and offerings

5Nine Hyper-V Security System Center VMM Plugin

5Nine Cloud Security also integrated perfectly in your Microsoft System Center environment using a System Center Virtual Machine Manager plugin.

5nine Cloud Security also offers a Windows Azure Pack Resource Provider to offer self-service to your tenants. Azure Pack (WAP) Extension is the only Security as a Service (SECaaS) solution to protect your datacenter, your customers, and their clouds as a free add-on to 5nine Cloud Security. It is the only way to enable tenants to easily manage their own Windows and Linux security policies through the Azure Pack self-service portal. Now hosting and service providers can secure multi-tenant environments and virtual machines in private, hosted or hybrid scenarios, while giving users the ability to easily configure firewalls, intrusion detection, and more.

Architecture

The installation and the management is so easy, you don’t really need any documentation. That’s how a security product should work, it should not make your environment even more complex it should help you to keep your environment secure without adding extra complexity to it. Is used 5nine for several customer environments.

  • The Management Service – This would be your 5nine management server which needs a SQL database (minimum MS SQL Express) and all Hyper-V Hosts are connected to this management server.
  • The Host Management Service – which is basically the software and agent running on the Hyper-V host itself.
  • The Management Console – The console where you can configure everything. The console is simply connected to the management server.
  • The Virtual Machine Manager Plugin – This is a plugin in VMM which allows you to manage rules directly from your System Center Virtual Machine Manager Console
  • Azure Pack Extension – Resource Provider installed on the WAP Tenant and WAP Admin servers

Impressions

5nine host service

5nine is a very light weight solution for the Hyper-V host with not a lot of overhead. On the Hyper-V host you have only two service running and the Hyper-V switch extensions.

5nine-switch-extension

 

Conclusion

Overall I think 5Nine Cloud Security is a must have solution to protect your Hyper-V environment, if you want to do more serious centralized managed security. Especially with the release of 5nine Cloud Security 8.1 directly with the release of Windows Server 2016, 5nine shows how great their development and integration in Hyper-V really is. It always supports the latest features of Hyper-V solve real world needs.

If you need more information, want to buy 5nine Cloud Security or if you need someone to help you integrated 5nine Cloud Security in your environment, feel free to contact me.

 

 



Webinar PowerShell Scripting and Automation for Hyper-V

Recording: Scripting & Automation in Hyper-V without SCVMM now available

Last week I had the chance to do a Webinar together with Altaro about Scripting & Automation in Hyper-V without SCVMM. Now you can watch the recording from this online webinar.

System Center Virtual Machine Manager (SCVMM) provides some great automation benefits for those organizations that can afford the hefty price tag. However, if SCVMM isn’t a cost effective solution for your business, what are you to do? While VMM certainly makes automation much easier, you can achieve a good level of automation with PowerShell and the applicable PowerShell modules for Hyper-V, clustering, storage, and more.

Are you looking to get grips with automation and scripting?

Join Thomas Maurer, Microsoft Datacenter and Cloud Management MVP, who will use this webinar to show you how to achieve automation in your Hyper-V environments, even if you don’t have SCVMM.

Remember, any task you have to do more than once, should be automated. Bring some sanity to your virtual environment by adding some scripting and automation know-how to your toolbox.

 



Webinar PowerShell Scripting and Automation for Hyper-V

Webinar: Scripting & Automation in Hyper-V without SCVMM

There are some great Webinars coming up and I am proud to speak in one of them with Andrew Syrewicze (Altaro Software and Microsoft MVP) about PowerShell Scripting and Automation in Hyper-V.

System Center Virtual Machine Manager (SCVMM) provides some great automation benefits for those organizations that can afford the hefty price tag. However, if SCVMM isn’t a cost effective solution for your business, what are you to do? While VMM certainly makes automation much easier, you can achieve a good level of automation with PowerShell and the applicable PowerShell modules for Hyper-V, clustering, storage, and more.

Are you looking to get grips with automation and scripting?

Join Thomas Maurer, Microsoft Datacenter and Cloud Management MVP, who will use this webinar to show you how to achieve automation in your Hyper-V environments, even if you don’t have SCVMM.

Remember, any task you have to do more than once, should be automated. Bring some sanity to your virtual environment by adding some scripting and automation know-how to your toolbox.

We’re live on Thursday, 10th December 2015 at 10am EST / 4PM CET (30-45mins + live Q&A!)

Register for the webinar here

Free Webinar about Scripting & Automation in Hyper-V without SCVMM

 



System Center Logo

Summary: Update Rollup 7 for System Center 2012 R2 and Azure Pack now available

Last week Microsoft released Update Rollup 7 (UR7) for System Center 2012 R2 and Windows Azure Pack. And as always, Update Rollup 7 does not only include a bunch of fixes, it also includes some new features. This time especially Windows Azure Pack and System Center Virtual Machine Manager got some nice updates. Components that are fixed and updated in this update rollup

  • Data Protection Manager (3065246)
    • Support for Windows 10 Client operating system
    • Ability to use an alternative DPM server to recover from Azure Backup Vault
    • Improvements for backup on Hyper-V Replica VMs
    • Other improvements and fixes…
  • Orchestrator & SMA (3069115)
    • Orchestrator: some small fixes
    • SMA
      • SMA runbook execution fails if a PowerShell execution policy is set to Unrestricted through a Group Policy Object.
      • Fixed an error when you try to save or import a runbook in SMA
  • Operations Manager (will be released later)
    • The rollup is delayed by few weeks, as engineering team is working on recently reported issues.
  • Service Manager (3063263)
  • Service Provider Foundation (3069355)
    • This update includes general API changes to improve product quality.
  • Virtual Machine Manager (3066340)
    • Support for Windows 10 Client Operating System
    • Support for new Linux Operating Systems (Debian 8)
    • Support for VMWare vCenter 5.5 management scenarios (more infos VMWare vCenter 5.5 management scenarios)
    • Support for Multiple External IP Addresses per Virtual Network
    • Option to Reassociate Orphaned virtual machines to their Service or VM role
    • Support for VMM DHCP Extension PXE/TFP Forwarding
    • Some scale improvements if you have more than 50 Hyper-V Hosts
    • Some Hyper-V Network Virtualization (HNV) fixes and improvements
    • Other fixes…
  • Windows Azure Pack (3069121)
    • Tenants cannot delete the checkpoints of their virtual machines
    • Support for VM names of up to 15 characters
    • Displaying VHD items during virtual machine creation when there are no hardware profiles in the plan
    • Incompatible VHDs are offered to the tenant when attaching a VHD to a virtual machine
    • Support for tenant plan viewing and self-subscription permission based on security groups
    • Support for Shielded Virtual Machine Management when it’s run on Windows Server 2016 Preview
    • Virtual Machine performance data displayed in the tenant portal
    • Other fixes and improvements…
  • Windows Azure Pack Web Sites (3069358)
    • Adds support for IPv6 to IP SSL functionality
    • Changes Web Deploy publishing from publish.domain.com to site.scm.domain.com.
    • Other fixes and improvements…

One of the new features I want to highlight is the possibility to add multiple public (external) IP addresses to  Virtual Network (Using Hyper-V Network Virtualization HVN). This means a tenant can assign multiple public IP addresses on his NAT gateway and do port forwarding, for example if he runs multiple webservers in that VM Network. This is a feature a lot of customers especially service provider have missed for a long time.

Another improvement we can see is the support for the next release of Windows Server and also support for Windows 10.

 



Scale Windows Server Storage Spaces

System Center Operations Manager Management Pack for Windows Server Storage Spaces

Microsoft just released the System Center Operations Manager Management Pack for Windows Server Storage Spaces 2012 R2 to the public. This allows you to monitor your Storage Spaces deployments with Operations Manager.

You can download the Management Pack for Storage Spaces from the Microsoft Download Site.

Monitoring Scenarios

This Management Pack contains rules to monitor physical disk and enclosure state in storage spaces.
Health is calculated by the storage service and is passed to Virtual Machine Manager (VMM) using the Storage Management API (SM-API), and is in turn passed to Operations Manager (OM) through the OM connector for VMM.

Supported Configurations

This management pack requires System Center Operations Manager 2012 SP1 or later. A dedicated Operations Manager management group is not required.

The following table details the supported configurations for the Management Pack for Storage Spaces:

ConfigurationSupport
Virtual Machine Manager2012 R2 with Update Rollup 4 or later installed
Windows Server File Servers2012 R2 with KB 3000850 (November 2014 update rollup) or later
Clustered serversYes

Management Pack Scope

This management pack supports up to:

  • 16 Storage Nodes
  • 12 Storage Pools
  • 120 File Shares

Prerequisites

The following requirements must be met to run this management pack:

  • Operations Manager Connector for Virtual Machine Manager installed and configured.
    https://technet.microsoft.com/en-us/library/hh427287.aspx
  • Configuring this connection will install the required VMM Management Packs.
  • Storage Spaces managed by Virtual Machine Manager
  • KB2913766 “Hotfix improves storage enclosure management for Storage Spaces” must be installed on the VMM server and file server nodes