Educational Episodes: Hyperconverged Infrastructure (HCI)

Many Certificate Authority servers that were installed on Windows Server 2003 never got upgraded until Microsoft ceased the support of Windows 2003. Some of those are still out there running today. A massive amount of them got set up in an era when Wi-Fi in the SME market became very popular and CA servers were deployed to easily secure access to it. To be fair, a lot of administrators didn’t wait for Windows Server 2003 support to expire and made sure their CA was more or less up to date by upgrading them in place. That alone is something to commend. However, the operating system version only introduces the capability of using modern more secure providers and algorithms. It doesn’t upgrade the ones used by the PKI automatically for you. So many of these upgrade PKI servers are still using an old cryptographic provider, the “Microsoft Strong Cryptographic Provider” (SCP) and an old hash algorithm (SHA1) that’s been deprecated (see SHA1 Deprecation: What You Need to Know) or even banned.

On October 1st, Microsoft Exchange Team released the new Exchange Server 2016. Microsoft had been testing and improving millions of mailboxes in their Office365 environment before it released the product on-premises. In this article, I will describe a step-by-step guide for the installation of Microsoft Exchange Server 2016.

As many admins of virtual infrastructures know, for the first time ever, VMware vSphere 6.5 received the long awaited encryption feature of both virtual disks content and vMotion hot migrations. The VMs encryption works based on AES-NI algorithm, and the key management is carried out based on KMIP 1.1 standard. When I/O operation comes to the disk of the virtual machine, it is immediately encrypted on-the-fly, which provides complete security against data security attack.

A Remote Office / Branch Office (ROBO) is an office located in a different site or a remote geographical area from another office (usually the headquarter or the main office). Several organizations have one (or more) main office, as well as remote offices in another city, country or continent. Many organizations today have in each remote office some local IT infrastructure, usually for data locality, but also for service local services.

The Installation of ESXi 6.5 did not change much since previous release. After you’re download your installation ISO, you need to burn it to a CD-ROM in order to proceed with installation. Know that there is a way to install ESXi from USB stick too. And in this post we will prepare one. You as an administrator or consultant have to have your toolkit with the latest ESXi installer ready in your pocket, so today we’ll show one of the methods to create an ESXi 6.5 installation USB under two minutes. While this method of creation of USB media is quick and it is done under two minutes, it is not always obvious to deal with hardware compatibility and drivers and firmware (combination of those two) for latest vSphere 6.5. At the end of the post we’ll show you few ways how to deal with that.

Microsoft recently announced new features and updated capabilities within Azure Storage. Some of the new features are Larger blobs, incremental copy, new API capabilities and an updated version for the Storage Emulator.

Capacity planning is one of the tasks that every IT organization need to do, but most do very poorly. This is not out of bad will or lack of skills. Most often, it is because they lack a good way of dealing with all the changes, past, present and future. Most of them are also done reactively. Statistics may be pulled from vCenter and put into word or excel where graphs of past data points from a historical trend. This is then used to predict the future growth and based there of cluster sizing and purchasing decisions are made. Alternatively, the all too familiar, “we are out of resources. Hurry we need to buy more”, scenario comes into play. None of these capacity technics are very good. There is most properly a need to do things smarter.

Picture this – you are a systems administrator working at a major banking institution. The security team walks into your office and lets you know that a major update needs to be applied to all of the servers within the institution – not a problem for most organizations, but in the case of a bank, you could have hundreds if not thousands of remote and branch offices.  Sure, we can write scripts to copy out the update files and even execute them remotely from our head office – but the problem most ROBO scenarios are ever-changing – with new offices being created and others closing down all the time.  Keeping track of server names, IP schemes, etc. can be quite a time-consuming process.  Naturally, we want the same updates, patches, and fixes to be deployed everywhere, in the same manner, in order to provide consistency – so having this up to date list available when we need it is key to driving success within our environment.

Microsoft will be “guiding” new customers to use the Cloud Solution Provider (CSP) program to acquire any of the Azure subscriptions. Even though you won’t see the pay-as-you-go option from Microsoft, don’t panic, there’s an explanation.