Archive

Archive for the ‘Security’ Category

New Pluralsight Course: VMware vSphere Security

January 14, 2014 Leave a comment

Happy New Year everyone! This is just a quick post to announce the release of my second Pluralsight course, VMware vSphere Security, which was just published today. If you have a current subscription (or want to sign up for a new one), please check it out:

http://pluralsight.com/training/Courses/TableOfContents/vmware-vsphere-security

Hope the course is helpful and any comments/feedback/suggestions are welcomed.

Advertisements
Categories: Security, Uncategorized, VMware

Learning To Embrace Automation

February 13, 2012 Leave a comment

As I’m sitting here on a semi-snowy New England Saturday, I’m reminded of a question that my good friend and fellow colleague, Mike Foley, always poses. Can we write a PowerShell script for this?image

Automation and orchestration products, whether it be something like vCenter Orchestrator, or just simply leveraging PowerCLI for scripting, can really be of value to both a virtual environment and the team that manages it. My project for today was re-designing my lab infrastructure and included re-installing a lot of the vSphere components. I could make a list that is pages long of the manual configuration steps I’ve been running through. These steps are also prone to error. What if I’ve missed a setting on one host? Have I configured the portgroup differently on vSwitches? The point here is there’s a lot of room for error. Since I was aiming for consistency across my environment, an error here could come back to haunt me later.

In a previous life, I was a systems admin on a small team. I barely had time to manage day-to-day operations, let alone try to write automation scripts. Looking back on it though, my approach was error prone and with a little bit of up-front work, I could have saved myself hours.

A friend said to me recently, “Brian, I could automate myself out of a job. Why would I want to do that?”. On the surface, he made a good point, but I dove a little deeper with him. You would automate yourself out of what can sometimes be mindless or repetitive daily tasks. That is very true and one thing that PowerShell is great at! Wouldn’t it be great though if all these manual daily tasks were removed and then you could focus on more strategic, long-term projects that much more fully utilize your technology skillset? My friend was skeptical until he started thinking about this. He was eliminating portions of his job requirements, or making them a lot easier and less time consuming at least. Having a more strategic focus on projects sure sounded great though!

It’s ideas like these that make automation easier to grasp. Yes, it’s a time investment up front, no getting around that. However, the time you put in at the beginning, will be worth it in the long run!

Another advantage that you get through automation is increased security. We talk about a model in security where leveraging automation and orchestration can actually increase visibility for any unknown or potentially malicious actions that may be occurring. If you create a baseline of workflows that administrators or users can perform in an environment, you can build a foundation of consistency. Additionally, now that you have defined workflows that are known good, any actions outside of these stick out to your monitoring tools. It then makes it much easier to alert and report on these potential security risks.

I’ve only touched on a few of many reasons why automation should be given a serious consideration. I’ve been talking about this to more and more customers and I’d love if this blog post is even just a starting point for future conversations. Please feel free to chime in on this, how has automation helped your environment or made your job easier?

image