Tag: Windows Server 2012 R2

Last updated by at .

Install SNMP Feature on Windows Server Core

Install SNMP on Windows Server Core

If you run Windows Server as Core Installation, like Windows Server 2016 Core or any Microsoft Hyper-V Server edition and you want to use SNMP (Simple Network Management Protocol) on that system, you first have to install the SNMP feature on that Core Server. After that you can use the MMC to remotely connect to the services list on the Core Server.

Install SNMP on Windows Server Core

First lets see if the SNMP feature is installed, using PowerShell:

By default the SNMP feature is not installed. To install the SNMP feature on Windows Server Core, you can run the following command:



Windows Server FTP

Install FTP Server on Windows Server

Windows Server has IIS build in, which also offers a FTP server option. The File Transfer Protocol (FTP) is still a very popular protocol that allows users to simply upload and download files. Of course today you have more modern options, however it is still very often used and a lot of legacy applications still support it.

In this blog post I wanna quickly go rough how you can install the FTP Server on Windows Server. I do this on a brand new Windows Server 2019 operating system, however it didn’t really change since early Windows Server versions.

Install FTP Server Feature on Windows Server

Install FTP on Windows Server using PowerShell

First you will need to install the FTP feature. I usually simply do that using PowerShell to install the FTP Server feature in Windows Server. You can also do that using the Server Manager. However, if you want to use PowerShell, you can use the following command:



Windows Server 2019 Upgrade

Windows Server 2019 In-place Upgrade

As another part of my series for Windows Server 2019, this blog post covers the in-place upgrade feature. In-place upgrade allows you to upgrade your existing LTSC versions of Windows Server 2012 R2 or Windows Server 2016 servers to Windows Server 2019. Windows Server 2019 In-place Upgrade allows businesses to quicker update to the latest version. Especially, if you have servers which you might needed to install some dependencies for the applications. I saw a lot of customers which not have documented their server installations and neither used infrastructure as code to deploy them. For these customers it can be hard to upgrade to newer versions of Windows Server. With the Windows Server 2019 In-Place Upgrade feature, this should get a lot easier. Especially since Windows Server 2019 bring a lot of improvements.

You can in place upgrade to Windows Server 2019 from

How to in place upgrade to Windows Server 2019

Windows Server 2016 upgrade to Windows Server 2019

To in place upgrade to Windows Server 2019, just insert the Windows Server 2019 media into the existing server, by attaching an ISO file, copying the sources, inserting a USB drive or even a DVD drive and start the setup.exe.

Installing Windows Server 2019

The setup will discover the existing installation and will let you perform an in place upgrade. The installation will run for a couple of minutes, it will take quiet some time depending of the speed of your server hardware and of the installed roles and features. Microsoft MVP Didier Van Hoye, did write a great blog post about Windows Server 2019 In-Place Upgrade testing. In that blog post he has a quick look on upgrading to Windows Server 2019.

You can also find a overview about what is coming new in Windows Server 2019, in my blog: Windows Server 2019 – What’s coming next.



Open website from PowerShell

Open website from PowerShell

If you want to directly open a website from the PowerShell console, you can use the Start-Process cmdlet. This will open the website in the default browser:

You can also use “Start” which is an alias for Start-Process:

Yes this is a very short post, but I hope this was helpful and you can now open a website from PowerShell.



Windows Azure Pack Version PowerShell

Verify installed Windows Azure Pack version

If you want to check which version of Windows Azure Pack is installed or if you want to find out which Update Rollup of Windows Azure Pack is installed you can simply do this using two ways which help you to find the installed Windows Azure Pack version.

You can check the version of the installed Windows Azure Pack components on each server, using the Control Panel – Programs and it shows you the installed components:

Windows Azure Pack Version

You can also use the following PowerShell command to check the installed Windows Azure Pack server

Windows Azure Pack Version PowerShell

You can now compare the version numbers in this list an you can see which Windows Azure Pack Update Rollup is installed. Every component on every sever has to be checked.

Windows Azure Pack (links to KB articles)Version numberBuild Date
Update Rollup 103.33.8196.1404/20/2016
Security Update Rollup 9.13.32.8196.123/2/2016
Update Rollup 8.13.29.8196.011/16/2015
Update Rollup 83.28.8196.4810/28/2015
Update Rollup 7.13.27.8196.38/25/2015
Update Rollup 73.25.8196.757/31/2015
Update Rollup 63.24.8196.354/28/2015
Update Rollup 53.22.8196.482/10/2015
Update Rollup 43.19.8196.2110/21/2014
Update Rollup 33.15.8196.487/22/2014
Update Rollup 23.14.8196.324/16/2014
Update Rollup 13.12.8198.01/20/2014
RTM release3.10.8198.99/16/2013

If you need more information please check the following Microsoft TechNet article: Install Windows Azure Pack updates and verify versions

Thanks to Fulvio Ferrarini (itnetX) which helped me with this blog post.



5Nine Hyper-V Security Agentless

Secure your Hyper-V environment with 5nine Cloud Security 8.1

In the past years I was building several Hyper-V environments together with Enterprise customers and with service providers. In a lot of cases customer wanted more security in there Cloud and Virtualization environment. Security becoming a even more critical part in your datacenter and with a high virtualization rate, it gets even more critical and complex to manage. Especially when Virtual Machines can move from on cluster to another or from one datacenter to another. 5nine is one of the vendors who has a great solution, for this challenges. A couple of years back I wrote a blog post about 5Nine Cloud Security version 4.0. 5nine Cloud Security is a unified security and compliance solution designed to specifically address every Hyper-V security vulnerability across every virtual resource.

Last week at Microsoft Ignite, Microsoft released Windows Server 2016 and Hyper-V 2016, with that 5nine released 5nine Cloud Security 8.1 which supports Windows Server 2016 and Hyper-V 2016.

5nine Cloud Security has some unique key features to secure your environment.

  • Distributed vFirewall – Secure multi-tenant Hyper-V environment and provide VM isolation
  • Agentless Antimalware Detection – Protect Hyper-V with patent-pending agentless Kaspersky or ThreatTrack antivirus now with Real-Time Malware Detection
  • Enforce security compliance

5Nine Hyper-V Security Agentless

Key features

if you look at it on a security features list, 5nine Cloud Security offers you the following security features:

  • Automatically & Instantly Secure all Virtual Machines, Disks, Networks and Switches
  • Choice of Leading Antivirus Engines
  • Agentless AV – Full Virtual Machine Scans
  • Agentless AV – Real-time HTTP Virus and Malware Detection
  • Hyper-V Optimized Real-time Active Protection Agent
  • Agentless Firewall
    • Granular control over each virtual machine using Hyper-V
    • Extensible Switch, no agent required
    • Configure the Advanced / Full Kernel mode Virtual Firewall for each VM individually
    • MAC Address filtering
    • ARP Rules
    • SPI (stateful packet inspection)
    • Network traffic anomaly analysis
    • Inbound and outbound per VM bandwidth throttling
    • MAC broadcast filtering
    • All filtering events logging with more data (UM logs only contain blocked events)
    • Configure network filtering rules on a per-VM basis
    • Set inbound/outbound traffic limits and bandwidth utilization by virtual machine
  • Agentless Intrusion Detection
  • No need to access Guest OS to manage security
  • Centralized signature management with updates to host only
  • Incremental Fast Scans
  • Offline VM Scanning
  • Avoids Host Scanning Storms
  • Support for Windows Server 2012, 2012 R2 and 2016 Hyper-V
  • Supports any guest OS supported by Windows Hyper-V including Linux
  • Meet the security demands of enterprise, management service providers (MSPs), public sector, and hosting providers who leverage Microsoft’s Hyper-V Server and Cloud Platform
  • Provide the first and only seamless agentless compliance and agentless security solution for the Hyper-V Cloud
  • Deliver multi-layered protection together with integrated, agentless antivirus and intrusion detection capabilities
  • Offer unmatched levels of industry-demanded protection and compliance (including PCI-DSS, HIPAA, and Sarbanes-Oxley)
  • Secure the Cloud environment with anti-virus technology that runs with virtually zero performance impact while simultaneously improving virtual machine density
  • Provide network traffic control between virtual machines
  • Enforce secure multi-tenancy and Virtual Machines Security Groups
  • Provide NVGRE support (Hyper-V Network Virtualization)
  • Support for Microsoft Switch Embedded Teaming
  • PowerShell Module for automation

Integration and offerings

5Nine Hyper-V Security System Center VMM Plugin

5Nine Cloud Security also integrated perfectly in your Microsoft System Center environment using a System Center Virtual Machine Manager plugin.

5nine Cloud Security also offers a Windows Azure Pack Resource Provider to offer self-service to your tenants. Azure Pack (WAP) Extension is the only Security as a Service (SECaaS) solution to protect your datacenter, your customers, and their clouds as a free add-on to 5nine Cloud Security. It is the only way to enable tenants to easily manage their own Windows and Linux security policies through the Azure Pack self-service portal. Now hosting and service providers can secure multi-tenant environments and virtual machines in private, hosted or hybrid scenarios, while giving users the ability to easily configure firewalls, intrusion detection, and more.

Architecture

The installation and the management is so easy, you don’t really need any documentation. That’s how a security product should work, it should not make your environment even more complex it should help you to keep your environment secure without adding extra complexity to it. Is used 5nine for several customer environments.

  • The Management Service – This would be your 5nine management server which needs a SQL database (minimum MS SQL Express) and all Hyper-V Hosts are connected to this management server.
  • The Host Management Service – which is basically the software and agent running on the Hyper-V host itself.
  • The Management Console – The console where you can configure everything. The console is simply connected to the management server.
  • The Virtual Machine Manager Plugin – This is a plugin in VMM which allows you to manage rules directly from your System Center Virtual Machine Manager Console
  • Azure Pack Extension – Resource Provider installed on the WAP Tenant and WAP Admin servers

Impressions

5nine host service

5nine is a very light weight solution for the Hyper-V host with not a lot of overhead. On the Hyper-V host you have only two service running and the Hyper-V switch extensions.

5nine-switch-extension

 

Conclusion

Overall I think 5Nine Cloud Security is a must have solution to protect your Hyper-V environment, if you want to do more serious centralized managed security. Especially with the release of 5nine Cloud Security 8.1 directly with the release of Windows Server 2016, 5nine shows how great their development and integration in Hyper-V really is. It always supports the latest features of Hyper-V solve real world needs.

If you need more information, want to buy 5nine Cloud Security or if you need someone to help you integrated 5nine Cloud Security in your environment, feel free to contact me.

 

 



VM Network Adapter

PowerShell One-liner to list IP Addresses of Hyper-V Virtual Machines

Here a very quick PowerShell command to list all the Virtual Network Adapters, including IP Addresses of Virtual Machines running on a Hyper-V Host.

This will give you a list of all Virtual Machines running on Hyper-V Server called “HyperV01”