VMware backup and the VMware snapshot #backup #vmware


#

VMware backup and the VMware snapshot

Server virtualisation introduces a radically different approach to backing up data in the enterprise than simply using backup agents installed in the guest operating system and backing up VMs across the network: VM-aware backup technologies.

Download this free guide

Computer Weekly’s Buyer’s Guide to GDPR

The race is on to get ready for GDPR next year. Computer Weekly looks at how to deal with data under the regulation, how compliance will affect businesses, and what organisations should do to prepare.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy .

If your virtualisation environment is growing exponentially, you’ll soon begin to notice the CPU, disk and network hit if you don’t quickly move over to such a technology.

But, it’s critical that you understand the role of the VMware snapshot and how VM backup and restore works before parting with your budget. In particular, you will want to ensure that VM-based backup offers the same level of granularity as your legacy backup system.

Early VMware backup products were very good at backing up but somewhat lacking in flexibility when it came to the restore process. Sadly, our industry has got the whole issue the wrong way round. Backup software should be called restore software, because that’s what customers buy it for.

Basic operation

Many vendors’ VM backup products use the same methods and APIs for backing up VMs. The process begins with the backup software taking a VMware snapshot of the VM. This performs two main tasks.

First, it triggers the quiescing of the VM and flushes the disk contents out of the file system cache. This leverages both the OS and application versions of Microsoft Volume Shadow Copy Servic e (VSS) that ensure files that may be locked and in use inside Windows are released in such a way that a full backup is more likely to happen. The snapshot is exactly the same as those available from the vSphere Client that can be taken manually by the VMware admin.

Second, the VMware snapshot unlocks the files that make up a VM from the file system. When a snapshot is engaged, each virtual disk receives a snapshot delta file (you will find it is called something like “vmname -00001.vmdk”). From this point onwards, all disk changes accrue in the delta files, which grow in increments of 16 MB. This leaves the files that make up the VM, such as the VM’s configuration file (VMX) and, critically, the virtual disk files (VMDK ), free to be archived.

Without the VMware snapshot engaged, the files would be locked by the ESX server that “owns” that VM when it is powered on. The situation is similar to when you try to copy or move a file that’s already open in an application.

Delta file size and removal of snapshots

As you can probably guess, there are a number of challenges associated with the use of VMware snapshots. The longer the snapshot is engaged, the larger the delta files that make up a VMware snapshot can be — relative to the rate of “churn” on your data. This can have implications for available free space on the volume where the snapshots reside and also a potential performance hit, dependent again on the rate of data churn and type of storage deployed. For example, RAID-enabled SSD or SAS drives will outperform SATA volumes in most cases.

However, your main concern with VMware snapshots is how your backup vendor handles their removal. Once the backup job has completed, an instruction is normally sent to either vCenter or directly to the ESX servers to remove the VMware snapshot from the VMs. Assuming that communication to these nodes is available at that time, a failure to communicate from the backup system to the management layer of vSphere can result in “orphaned” VMware snapshots left behind after the backup job completed.

A good backup product will at least log and alert the VMware admin to this fact, and the better ones will cycle through a garbage collection process to remove them at the earliest opportunity or when the next backup runs. There are many a sorry tale to be heard from VMware admins who have found a VMware snapshot file has grown so large that it fills a volume or a LUN.

Restoration

Another important feature is how the backup product goes about restoring files. In the early days of VM backup, many vendors merely mounted the virtual disks that made up the backup to their management system and left it to the VMware admin to copy files around using Window’s hidden “dollar” shares, such as C$ and admin$. That’s hardly approaching the sophisticated use of backup agents that intelligently restore files to the same or different locations.

Fortunately, things have improved in recent years. There are two methods that most vendors support. In the first method, the backed-up VMDK files are taken from a shared location accessible to the ESX hosts and “hot-added” to the VM to which they need to be recovered.

The result is that the VM “magically” has a new drive added to it whilst it is powered on. This appears as new X drive or Y drive, for example, and this allows the application owner of the VM to restore files using Windows Explorer.

Secondly, if the entire VM has been lost, many vendors allow for a temporary VM to be started using the files that have been backed up. Once booted and in use on the network, the VMware admin can use Storage vMotion to relocate the restored VM to its rightful location.

These two methods of restoring VMs are infinitely more sophisticated than copying files using Microsoft’s CIFS protocol. You should ensure that your chosen backup vendor supports at least one of these methodologies.

Scalable recovery

Of course, backup shouldn’t be your only strategy when it comes to data protection. While it’s true that 99% of all recoveries are of relatively small amounts of end-user data, there are situations that require a more robust and scalable recovery strategy than backups allow on their own.

What if you have very large VMs that hold terabytes of data? What if the storage array suffered a major outage? What if a storage admin took a LUN used by VMs offline and deleted it? All of these possibilities for data loss all share the same attribute: terrifying amounts of data lost in seconds. Attempting to recover this amount of data even with disk-to-disk backups could take hours or days depending on the volume of data and your maximum restore throughput.

For this reason, you really need to consider a cycle of snapshots driven by your storage vendor’s array technology. The storage vendor snapshot offers your environment an enormous Undo button for your volumes and LUNs. This can be incredibly helpful if a couple of VMs get accidentally deleted or destroyed. The history of previous snapshots is available, and these can be presented to the ESX hosts and mounted by them directly from the storage layer.

It’s like having a Recycle Bin for VMs, for gigabytes or terabytes of data. Storage vendors such as Dell, EMC and NetApp now have tools that integrate directly with the vCenter system to facilitate this recovery process without the need to understand the storage management tools or speak to the storage admins.

Storage vendor snapshots also form the basis of most storage vendors’ replication technologies. This should also be one of the linchpins of your data recovery strategy. The single point of failure of virtualisation is often the storage array. All VMs are stored on it and it is central to virtualisation’s advanced features such as vMotion, High Availability (HA), Distributed Resource Scheduler (DRS), Distributed Power Management (DPM), Fault Tolerance (FT) and maintenance mode.

Without some kind of centralised storage array, most virtualisation projects are hobbled from the get-go. At the same time, however, with a storage array, VMs become eggs stored in the proverbial basket.

There are two ways to approach this risk — if maximum availability is required, most storage vendors have their own “continuous availability” models, where two arrays are kept at the same state using synchronous replication. If one of the storage arrays goes down, the standby array takes the place of the primary.

Sadly, this can be an expensive option. What’s more viable is stretching out this replication between two arrays within a site to include another storage array in a different site. This gives the option to fail over if you lose the array and at the same time gives the business protection from the ultimate form of data loss: loss of an entire site.

This was last published in May 2012


How to Install KVM and Create Virtual Machines on Ubuntu #kvm #vs


#

By Chris Hoffman on June 28th, 2012

If you’re using Linux, you don’t need VirtualBox or VMware to create virtual machines. You can use KVM – the kernel-based virtual machine – to run both Windows and Linux in virtual machines.

You can use KVM directly or with other command-line tools, but the graphical Virtual Machine Manager (Virt-Manager) application will feel most familiar to people that have used other virtual machine programs.

Installing KVM

KVM only works if your CPU has hardware virtualization support – either Intel VT-x or AMD-V. To determine whether your CPU includes these features, run the following command:

egrep -c (svm|vmx) /proc/cpuinfo

A 0 indicates that your CPU doesn’t support hardware virtualization, while a 1 or more indicates that it does. You may still have to enable hardware virtualization support in your computer’s BIOS, even if this command returns a 1 or more.

Use the following command to install KVM and supporting packages. Virt-Manager is a graphical application for managing your virtual machines you can use the kvm command directly, but libvirt and Virt-Manager simplify the process.

sudo apt-get install qemu-kvm libvirt-bin bridge-utils virt-manager

Only the root user and users in the libvirtd group have permission to use KVM virtual machines. Run the following command to add your user account to the libvirtd group:

sudo adduser name libvirtd

After running this command, log out and log back in. Run this command after logging back in and you should see an empty list of virtual machines. This indicates that everything is working correctly.

virsh -c qemu:///system list

Creating Virtual Machines

Once you’ve got KVM installed, the easiest way to use it is with the Virtual Machine Manager application. You’ll find it in your Dash.

Click the Create New Virtual Machine button on the toolbar and the Virtual Machine Manager will walk you through selecting an installation method, configuring your virtual machine’s virtual hardware, and installing your guest operating system of choice.

The process will by familiar if you’ve ever used VirtualBox, VMware, or another virtual machine application. You can install from a disc, ISO image, or even a network location.

To assign more than 2GB of memory to a virtual machine, you’ll need a 64-bit Linux kernel. Systems running 32-bit kernels can assign a maximum of 2 GB of RAM to a virtual machine.

By default, KVM gives you NAT-like bridged networking – your virtual machine won’t appear on the network as its own device, but it will have network access through the host operating system. If you’re running server software in your virtual machine and want it accessible from other devices on the network, you’ll have to tweak the networking settings.

After selecting your installation method, Virt-Manager will boot the guest operating system in a window. Install the guest operating system as you would on a physical machine.

Managing Virtual Machines

The Virtual Machine Manager window displays a list of your installed virtual machines. Right-click virtual machines in the window to perform actions, including starting, shutting down, cloning, or migrating them.

You can view information about the virtual machine and configure its virtual hardware by clicking the i-shaped toolbar icon in the virtual machine’s window.


Desktop Virtualization Solutions – Virtual Desktop Infrastructure (VDI) #desktop #virtualization, #virtual #desktop


#

NetApp uses cookies to improve and customize your online experience.

NetApp uses cookies to improve and customize your online experience.

In order to tailor our communications with you to make sure that we are addressing your specific needs and not overwhelming you with unwanted information, we use cookies to handle propensity management. A cookie is a piece of information that is stored on your computer’s hard drive by your Web browser.

In order to disable the cookies you must check the box below and explicitly decline consent.

Disable my cookies.

View our Privacy Policy for more details about how we use cookies.

Far More Apps, Users, and Desktops. Guaranteed.

Set your virtual end-users up for success

Ensure that your virtual desktops, remote users, and applications all perform predictably from a single, consolidated desktop virtualization solution.

Speed data delivery—for less

Transform your infrastructure by moving to all-flash solutions that meet your mobile computing requirements.

Expand the boundaries of End User Computing

Deploy multiple workloads of any size with consistent end user performance in private or public clouds.

Simplify and accelerate End User Computing deployments with NetApp HCI

Provide guaranteed performance, flexibility and scale to end-users with NetApp HCI and VMware Horizon.

[*] NetApp HCI is available worldwide, with a few exceptions, including: Iran, North Korea, Sudan, Syria, Cuba, Crimea, China, Russia, Belarus, Kazakhstan, Armenia and Kyrgyzstan. Check with your local sales representative for the latest information.


How to Copy Files To and From a VMware Server Virtual Machine


#

How to Copy Files To and From a VMware Server Virtual Machine Guest

Files may be copied to and from the guest operating system running inside a VMware virtual machine using the vmrun command line tool.

Note that in order to perform these tasks, VMware Tools must be installed on the guest operating system. For details on installing VMware Tools refer to the Understanding and Installing VMware Tools chapter of the Virtuatopia VMware Server 2.0 Essentials online book.

Finding the vmrun Tool

The vmrun tool is installed on the host system as part of the VMware Server and VMware Workstation virtualization products. Assuming a standard installation where the software is placed in the default location, the vmrun executable is located in \Program Files\VMware\VMware Server on Windows hosts and in the /usr/bin directory on Linux hosts.

Understanding vmrun Command Line Syntax

The basic command line syntax for using vmrun varies slightly between VMware products, but can generally be summarized as follows:

vmrun host authentication flags guest authentication flags command parameters

The host authentication flags are required to provide host, login and password information for the host system. These are essentially the same credentials that would be used when accessing the VI Web Access management interface. These flags are required only on VMware Server hosts, and are not needed for VMware Workstation:

The corresponding password for the guest user specified using the -gu flag.

The command argument identifies to vmrun the task to be performed on the specified virtual machine. For example, start. stop and reset are all valid commands. Other commands are available to perform tasks within a guest operating system, such as runProgramInGuest and deleteFileInGuest.

The parameters arguments specify optional information required for a specific command. If, for example, the stop command is specified, the parameters argument is used to reference the .vmx file of the virtual machine which is to be powered off. In the case of running guest commands, both the .vmx file of the target virtual machine and the path to the program to be executed must be provided as parameters.

When specifying the virtual machine on which a command is to be executed, the location of the virtual machine .vmx configuration file must be provided. For VMware Workstation, this involves specifying the full path of the file. For example:

In the case of VMware Server 2.0, which introduced the concept of datastores. the name of the datastore in which the virtual machines resides must be provided together with the path of the corresponding .vmx file within that datastore. For example, to reference a virtual machine stored in the win2008 sub-directory of the Vol1 datastore, the vmrun path parameter would be defined as follows (note that the datastore name is enclosed in square brackets and separated from the sub-directory by a space character):

Copying Files to a Virtual Machine Guest

A file may be copied to the guest operating system running in a VMware virtual machine using the copyFileFromHostToGuest command. For example:

Copying Files from a Virtual Machine Guest

A file may be copied from the guest operating system running in a VMware virtual machine using the copyFileFromGuestToHost command. For example:

Checking if a File Exists in a Virtual Machine Guest

Before attempting to copy a file to or from a gust operating system, it may first be useful to check whether the file exists on the guest filesystems. This can quickly be achieved with vmrun and the fileExistsInGuest command. For example:


VMware Private Cloud #vmware #private #cloud, #vmware #cloud, #vmware #vcloud,


#

VMware Private Cloud Hosting

A private cloud is a cloud computing platform dedicated to your organization. Cybercon data center hosted VMware private cloud provides you the freedom to choose: network routers and switches, firewalls, server hardware, storage systems, and VMware cloud computing software. Our solutions are built to give you the power to construct and manage clouds across your internal data centers and Cybercon data center — on terms that you control. That means you can keep a handle on compliance, security, and costs. And you can let your business needs drive your IT strategy, instead of having IT limit your options.

The VMware Private Cloud Solution pools infrastructure resources among multiple clusters into policy-based virtual datacenters. A virtual datacenter is a predefined container of resources that spans a set of virtualized physical resources that can be can be constructed to provide specific service-levels or meet particular business needs. These elastic and tiered virtual datacenters enable resources to be provisioned to IT services without repeated configuration. By logically pooling infrastructure capacity into virtual datacenters, IT organizations can manage resources more efficiently with complete abstraction between the delivery of infrastructure and the underlying hardware that supports it. Cybercon’s VMware private cloud computing service provides data center infrastructure, cloud computing hardware, VMware cloud software, and 24x7x365 live onsite tech support.

To fit IT budgets of all sizes, we can deliver VMware Private Cloud services to you in two different ways with different cost structures:

* Economic VMware Private Cloud:
With the Economic VMware Private Cloud hosting, you can order HP blade servers as your VMware cloud server nodes, shared SAN as your VMware cloud SAN storage, and VMware vCenter server as your centralized management server. In this model, you can get a VMware private cloud up and running in a few hours. It only costs you a few hundreds dollars a month.

You can order an Economic VMware Private Cloud in two simple steps:

  • Step 1: Select your VMware private cloud options such as Cloud Software, Network Firewall, and Network SAN Storage Space ;
  • Step 2: Add one or more Dedicated VMware Servers as your VMware private cloud hosts or nodes ;

Check out your shopping cart. A private cloud will be ready for you to use in a few business hours.

* Enterprise VMware Private Cloud:
With the Enterprise VMware Private Cloud hosting, you can order private lockable cabinets, dedicated Dell PowerEdge servers as your VMware cloud server nodes, dedicated or shared SANs as your VMware cloud SAN storage systems, and VMware vCenter server as your centralized management server. All your equipment will be placed in your private lockable cabinets.

You can order an Enterprise VMware Private Cloud in five steps (please add each selection to your shopping cart and then check them out together):

  • Step 1: Select your private lockable cabinet and power option;
  • Step 2: Select your cloud computing VMware server nodes;
  • Step 4: Select your VMware cloud software;
  • Step 3: Select your enterprise data storage SAN systems;
  • Step 5: Select your network firewall ;

Got questions? Please check out our VMware Cloud Hosting FAQs. use our Sales Inquiry Form for VMware private cloud hosting, or call us toll free at 1.800.932.2354 (International: 1.314.621.9991). We’re here for you 24 hours a day .


VMware backup and the VMware snapshot #vmware #backups


#

VMware backup and the VMware snapshot

Server virtualisation introduces a radically different approach to backing up data in the enterprise than simply using backup agents installed in the guest operating system and backing up VMs across the network: VM-aware backup technologies.

Download this free guide

Computer Weekly’s Buyer’s Guide to GDPR

The race is on to get ready for GDPR next year. Computer Weekly looks at how to deal with data under the regulation, how compliance will affect businesses, and what organisations should do to prepare.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy .

If your virtualisation environment is growing exponentially, you’ll soon begin to notice the CPU, disk and network hit if you don’t quickly move over to such a technology.

But, it’s critical that you understand the role of the VMware snapshot and how VM backup and restore works before parting with your budget. In particular, you will want to ensure that VM-based backup offers the same level of granularity as your legacy backup system.

Early VMware backup products were very good at backing up but somewhat lacking in flexibility when it came to the restore process. Sadly, our industry has got the whole issue the wrong way round. Backup software should be called restore software, because that’s what customers buy it for.

Basic operation

Many vendors’ VM backup products use the same methods and APIs for backing up VMs. The process begins with the backup software taking a VMware snapshot of the VM. This performs two main tasks.

First, it triggers the quiescing of the VM and flushes the disk contents out of the file system cache. This leverages both the OS and application versions of Microsoft Volume Shadow Copy Servic e (VSS) that ensure files that may be locked and in use inside Windows are released in such a way that a full backup is more likely to happen. The snapshot is exactly the same as those available from the vSphere Client that can be taken manually by the VMware admin.

Second, the VMware snapshot unlocks the files that make up a VM from the file system. When a snapshot is engaged, each virtual disk receives a snapshot delta file (you will find it is called something like “vmname -00001.vmdk”). From this point onwards, all disk changes accrue in the delta files, which grow in increments of 16 MB. This leaves the files that make up the VM, such as the VM’s configuration file (VMX) and, critically, the virtual disk files (VMDK ), free to be archived.

Without the VMware snapshot engaged, the files would be locked by the ESX server that “owns” that VM when it is powered on. The situation is similar to when you try to copy or move a file that’s already open in an application.

Delta file size and removal of snapshots

As you can probably guess, there are a number of challenges associated with the use of VMware snapshots. The longer the snapshot is engaged, the larger the delta files that make up a VMware snapshot can be — relative to the rate of “churn” on your data. This can have implications for available free space on the volume where the snapshots reside and also a potential performance hit, dependent again on the rate of data churn and type of storage deployed. For example, RAID-enabled SSD or SAS drives will outperform SATA volumes in most cases.

However, your main concern with VMware snapshots is how your backup vendor handles their removal. Once the backup job has completed, an instruction is normally sent to either vCenter or directly to the ESX servers to remove the VMware snapshot from the VMs. Assuming that communication to these nodes is available at that time, a failure to communicate from the backup system to the management layer of vSphere can result in “orphaned” VMware snapshots left behind after the backup job completed.

A good backup product will at least log and alert the VMware admin to this fact, and the better ones will cycle through a garbage collection process to remove them at the earliest opportunity or when the next backup runs. There are many a sorry tale to be heard from VMware admins who have found a VMware snapshot file has grown so large that it fills a volume or a LUN.

Restoration

Another important feature is how the backup product goes about restoring files. In the early days of VM backup, many vendors merely mounted the virtual disks that made up the backup to their management system and left it to the VMware admin to copy files around using Window’s hidden “dollar” shares, such as C$ and admin$. That’s hardly approaching the sophisticated use of backup agents that intelligently restore files to the same or different locations.

Fortunately, things have improved in recent years. There are two methods that most vendors support. In the first method, the backed-up VMDK files are taken from a shared location accessible to the ESX hosts and “hot-added” to the VM to which they need to be recovered.

The result is that the VM “magically” has a new drive added to it whilst it is powered on. This appears as new X drive or Y drive, for example, and this allows the application owner of the VM to restore files using Windows Explorer.

Secondly, if the entire VM has been lost, many vendors allow for a temporary VM to be started using the files that have been backed up. Once booted and in use on the network, the VMware admin can use Storage vMotion to relocate the restored VM to its rightful location.

These two methods of restoring VMs are infinitely more sophisticated than copying files using Microsoft’s CIFS protocol. You should ensure that your chosen backup vendor supports at least one of these methodologies.

Scalable recovery

Of course, backup shouldn’t be your only strategy when it comes to data protection. While it’s true that 99% of all recoveries are of relatively small amounts of end-user data, there are situations that require a more robust and scalable recovery strategy than backups allow on their own.

What if you have very large VMs that hold terabytes of data? What if the storage array suffered a major outage? What if a storage admin took a LUN used by VMs offline and deleted it? All of these possibilities for data loss all share the same attribute: terrifying amounts of data lost in seconds. Attempting to recover this amount of data even with disk-to-disk backups could take hours or days depending on the volume of data and your maximum restore throughput.

For this reason, you really need to consider a cycle of snapshots driven by your storage vendor’s array technology. The storage vendor snapshot offers your environment an enormous Undo button for your volumes and LUNs. This can be incredibly helpful if a couple of VMs get accidentally deleted or destroyed. The history of previous snapshots is available, and these can be presented to the ESX hosts and mounted by them directly from the storage layer.

It’s like having a Recycle Bin for VMs, for gigabytes or terabytes of data. Storage vendors such as Dell, EMC and NetApp now have tools that integrate directly with the vCenter system to facilitate this recovery process without the need to understand the storage management tools or speak to the storage admins.

Storage vendor snapshots also form the basis of most storage vendors’ replication technologies. This should also be one of the linchpins of your data recovery strategy. The single point of failure of virtualisation is often the storage array. All VMs are stored on it and it is central to virtualisation’s advanced features such as vMotion, High Availability (HA), Distributed Resource Scheduler (DRS), Distributed Power Management (DPM), Fault Tolerance (FT) and maintenance mode.

Without some kind of centralised storage array, most virtualisation projects are hobbled from the get-go. At the same time, however, with a storage array, VMs become eggs stored in the proverbial basket.

There are two ways to approach this risk — if maximum availability is required, most storage vendors have their own “continuous availability” models, where two arrays are kept at the same state using synchronous replication. If one of the storage arrays goes down, the standby array takes the place of the primary.

Sadly, this can be an expensive option. What’s more viable is stretching out this replication between two arrays within a site to include another storage array in a different site. This gives the option to fail over if you lose the array and at the same time gives the business protection from the ultimate form of data loss: loss of an entire site.

This was last published in May 2012


Guide To VDI: Evaluating Top Vendors #vdi, #amazon, #aws, #citrix, #microsoft, #vmware,


Guide To VDI: Evaluating Top Vendors

Desktop virtual infrastructure now includes new cloud-based options, with the potential for improved user experience and lower cost. Fusion PPT compared the leading vendors and their offerings.

In spite of its many perceived benefits, virtual desktop infrastructure (VDI) has yet to fully gain traction and still remains a niche market. After well over a decade since its early introduction, VDI has faced challenges when it comes to truly duplicating the local desktop and competing on cost.

The introduction of cloud-based computing models for VDI (known as desktop as a service or DaaS) now offers a combined benefit and challenge to the IT decision maker. Whereas on-premise data center-hosted VDI represented a known model that has been tested and refined over the years, cloud-based VDI is the new kid on the block and has yet to effectively prove itself.

In this guide, we take look at four of the leading VDI vendors, including their capabilities and differentiators. These include Amazon (AWS), Citrix, Microsoft, and VMware (an EMC company). Read on for the full discussion, or click on the thumbnail at right to jump to the comparison matrix.

3 main reasons to use VDI
So why would anyone consider adopting a VDI-based approach to desktop computing? Well, on paper, the expected benefits seem quite compelling. Will they pan out in the long run?

  1. Centralized and simplified IT desktop management
    To begin, take the scenario of patch management. In VDI, patches and software updates can be distributed in a centralized and simplified manner, because IT no longer needs to manage the individual deployment to each unique computer. The deployment can also occur from a centralized management console. Updates need not be solely to desktop PCs, but also can include mobile devices and thin clients.

A centralized server-hosted virtual desktop (SHVD) infrastructure also provides the benefit of simplified backup operations. With proper infrastructure and bandwidth in place, such an approach will minimize the network congestion of backups that would otherwise occur from a myriad of desktop systems.

VDI also enables IT to provide higher security control and compliance. Servers can now be locked down and secured in a more manageable manner, with less risk to local desktop vulnerabilities. For example, administrators can provide central security policies that apply to all users and minimize the malware footprint, should there be an infection. The desktop can be re-commissioned from the base image when problems arise.

  • Reduced cost and hardware
    Harnessing the power of server pools that are unseen to the end user, VDI offers the benefit of more effective use of centralized computing capacity. This can translate in real dollars to a diminished need to purchase new hardware and the additional associated software, licensing, and support costs that are seen in capex and opex dollars. As one scenario, older desktop hardware (with sufficient native capacity) can be retained and used as thin client devices for users who are working on general-purpose tasks that do not require high-end client devices.
  • Increased mobility and remote access
    Another important benefit that VDI provides is the ability to access desktop from remote locations, and with different computing devices. This can be a very accommodating feature for remote and mobile workers who do not really have a fixed work location. With many VDI solutions, the active desktop state can be preserved, enabling users to pick up right where they left off.
  • In this guide, we look at four enterprise vendors providing VDI-based products. There are many other mid-market VDI vendors, as well as open-source solutions from StackVDI, QVD, and others.

    VDI delivery methods
    Vendors have chosen different means to implement VDI. Historically, solutions first began with the typical on-premise server-hosted virtual desktop model, focusing on the data center. As VDI and cloud computing have matured, a second software-as-a-service model of desktop computing has been reborn in the form as DaaS.

    In its simplest form, DaaS is VDI in the cloud. However, as with all cloud-based solutions, the customer must rely upon the cloud service provider (CSP) to deliver critical infrastructure that is no longer under the control of the IT organization. DaaS solutions are marketed as being able to handle the challenges of traditional VDI, such as complexity and cost. In DaaS, customers pay a monthly flat fee and are able to obtain a VDI infrastructure without the initial investment.

    The third option consists of a hybrid approach that leverages both the on-premise and cloud-based models.

    It’s also worth noting that various DaaS providers deliver their “desktop” experience via Windows Server (AWS and VMware, for example). This is primarily done as a way around Microsoft’s multi-tenancy licensing, Microsoft’s Service Provider Licensing Agreement (SPLA), which requires the hosting hardware to be dedicated to each individual customer. SPLA also requires customers to own the client OS license.

    Pages

    Re: Guide To VDI: Evaluating Top Vendors

    Zerox, you’re right, this article is not for the faint of heart. It is long and a lot of information to wade through. But for anyone seriously considering VDI, it’s a jackpot of practical considerations and objective insight. We’re thankful that Dean and his firm published it here.

    User Rank: Apprentice

    Fri, 02/20/2015 – 09:35

    Re: Guide To VDI: Evaluating Top Vendors


    PCI DSS Hosting #pci #compliant, #pci-dss #hosting, #vmware #hosting, #cloud #hosting, #disaster


    #

    PCI DSS Compliant Hosting

    Protect your Infrastructure and Achieve Compliance

    As a company that processes credit card transactions, or stores credit card information, you are a target. In June 2014, the motivation behind 58% of all hacking attempts was Cyber Crime. There are new security breaches in the news every few months, usually affecting millions of credit card holders.

    This means obtaining PCI DSS compliance for your business is more than a regulatory necessity. It is the way to ensure your business, and your customers, are protected. The maximum fine for PCI DSS compliance violations is £50,000. However, the loss of trust in your business due to a security breach could be devastating. Contrary to popular belief, obtaining PCI DSS compliance doesn’t have to be hard. All you need is a trusted partner with the experience and commitment to help you.

    Global organisations trust us

    We currently offer Level 1 PCI DSS compliant hosting to multinational corporations such as AXA Travel Insurance, AXA Assistance, LANDesk and TrustPay Global. They turned to us because we know what is necessary to become, and stay, compliant:

    • Reviewing current systems and procedures
    • Understanding what level is required
    • Developing a cost effective compliant hosting solution
    • Managing compliance through migration
    • We partner with industry leading QSA’s
    • Assisting through the assessment process
    • Continued monitoring for annual reviews
    • Adjusting hosting needs as business needs change

    Our network and management infrastructures are audited manually and these audits are submitted to VISA, who then endorses us with being Level 1 PCI Compliant. We perform annual audits and quarterly network scans, we are licensed to process in excess of 24 million transactions per year on our hosting architectures.

    Let us worry about the details. You worry about your business.

    Whether you need PCI Level 1, 2, 3, or 4 – or if you are not yet sure – our specialised technicians will work with you to create a solution tailored to your business. Our managed PCI services include the following:

    Design, build, deploy and manage

    We help you every step of the way: information security policies, secure network architecture design, and gap analysis. This is a core element of our day to operations within Netplan.

    Network Vulnerability Scans

    We manage the network starting with a “deny-all” default firewall setting, then maintain it with the latest patches, anti-virus agents, and enforce remote authentication to individuals. These measures ensure you have up to date protection from the latest threats, and fulfils annual PCI DSS hosting compliance requirements.

    Penetration Testing

    Customised penetration testing service provides a comprehensive analysis of your level of protection against compromise. This includes network and application security testing provided by an approved scanning vendor.

    Working with your Qualified Security Assessor (QSA)

    We are ready to work with your existing QSA, or can recommend one. Our experience means we understand the importance of the relationship between you and the QSA in making audits quick and efficient.

    Audit Support

    The key to a successful and painless audit is a proper log trail. We provide all the data (security logs, policies, testing results, etc.) you need to satisfy your QSA and prove your compliance requirements.

    24x7x365 monitoring and auditing

    In addition to ensuring network performance, our constant monitoring means that nothing happens without proper documentation. You will always have the evidence you need for your audit.

    Do I need to be PCI DSS compliant?

    If your business processes credit card transactions, or maintains paper records, you need to be PCI DSS compliant. It doesn’t matter if you only take credit card orders over the phone, in person, on your website, or through a third party processor. The requirements though, for becoming PCI DSS compliant depend upon how you take and maintain credit card information. If you have questions, contact us today and we can help you determine if you need PCI DSS compliant hosting.

    Finding the best solution for your business

    The goal of many companies offering hosting for PCI compliance is just that – to get you a compliance certificate. They will help you do what’s necessary to check off the boxes and pass your audit. The solutions they offer will meet the minimum requirements for your PCI level.

    At Netplan we work with you to determine the right security solutions to meet your needs and regulatory requirements. Often this means that the services we provide exceed the standards set by PCI DSS.

    Talk to us now to discuss how Netplan can provide your perfect PCI hosting solution

    Guaranteed compliance or your money back

    It may be a bold statement, but we can confidently guarantee PCI compliance at the appropriate level for your business. Which standards apply to you varies based on the number of transactions you process annually as well as other details relating to data storage and infrastructure. We can ensure that you have the proper solution and that you’ll achieve compliance or we will give your money back.

    Every minute your business is not compliant is a minute that you are vulnerable to fraud and cyber-attacks. Contact us today for a free consultation with one of our PCI compliance experts. We’ll work with you to make obtaining PCI compliance as quick and stress free as possible.

    PCI Compliance levels explained

    PCI Compliance levels are determined by the various credit card issuing brands such as Visa and MasterCard. The following categories define the criteria used by Visa, however most other brands refer to Visa, or have similar definitions to determine compliance levels.

    6 million or more transactions per year

    Level 1 compliance is required for any merchant processing six million or more transactions per year, regardless of channel. All transactions performed by the merchant are aggregated, whether they occurred over the phone, in person or online. All transactions performed by the merchant are aggregated if the data is stored, processed or transmitted together, even if the transactions are performed under multiple Doing Business As (DBA) organisations. Visa also reserves the right to require Level 1 compliance by any merchant they determine needs to be in order to protect the Visa system.

    In order to obtain and maintain Level 1 compliance, merchants need to produce an annual report on compliance by a Qualified Security Assesor.

    Between 1 and 6 million transactions per year

    Level 2 compliance is required for any merchant processing between 1 million and six million transactions per year, regardless of channel. All transactions performed by the merchant are aggregated, whether they occurred over the phone, in person or online.

    In order to obtain and maintain Level 2 compliance, merchants need to complete an annual Self-Assessment Questionnaire (SAQ).

    Between 20,000 and 1 million transactions online per year

    Level 3 compliance is required for any merchant processing between 20,000 and 1 million e-commerce transactions per year. All transactions performed by the merchant are aggregated if the data is stored, processed or transmitted together, even if the transactions are performed under multiple Doing Business As (DBA) organisations.

    In order to obtain and maintain Level 3 compliance, merchants need to complete an annual Self-Assessment Questionnaire (SAQ), perform quarterly network scans by an Approved Scan Vendor, and complete an Attestation of Compliance Form.

    Less than 20,000 e-commerce transactions, or less than 1 million transactions offline per year

    Level 4 compliance is required for any merchant processing less than 20,000 e-commerce transactions per year. It is also required of any merchant processing less than 1 million transactions via any other channel (telephone, in person, or otherwise non-ecommerce channel). All transactions performed by the merchant are aggregated if the data is stored, processed or transmitted together, even if the transactions are performed under multiple Doing Business As (DBA) organisations.

    In order to obtain and maintain Level 4 compliance, it is recommended merchants complete an annual Self-Assessment Questionnaire (SAQ), perform quarterly network scans if applicable by an Approved Scan Vendor, and complete any additional requirements set forth by their merchant bank.