Virtual Update 2018-07-16

Something kept coming up when I’ve been chatting with customers lately.  They have found out that I am snipping and keeping updates (from multiple sources), and sharing these every couple of weeks with the WEI team….and have been asked to post these notes here.
This is the first post, and I went back about two months.
This post will be a bit longer than most, and hopefully you’ll find it useful.
I will attempt to post this every two weeks, so as not to keep your inboxes too busy….
Thanks for reading!

VMworld 2018
Las Vegas, Mandalay Bay, August 26-29
Its coming quickly.  If you know you are going, let your WEI account executive know, as WEI wants to include our customers in anything WEI does in Las Vegas.
VMware vSphere 5.5 End of General Support
September 19, 2018 is coming, and many of our customers are engaged in projects getting their infrastructures up to date.
It was a good five (5) year run on this version of vSphere, but all good things must come to an end.
VMware has been repeatedly stating this over the past 7 months, and here is another reference back to a February post, with links and FAQs around the topic.
If you are still running vSphere 5.5….let’s find a way to get you updated.
vSAN Assessment
WEI has a tool to do vSAN assessment.
Would you be interested in seeing how YOUR current infrastructure would run if it running as vSAN HCI?
Let WEI give you the numbers you need to see if this is a solution you should consider.
SD-WAN VeloCloud
Do you have 10+ remote sites?
Do you want to help optimize your organization’s spend on WAN connectivity?
WEI can show you how.
Just ask…..we are always here to show you the details, so you can make an informed decision.
vSphere 6.7 What’s New
Want to know why you should or should not upgrade to vSphere 6.7?
Maybe vCenter 6.7 and ESXi running 6.5 or even 6.0 is right for you….
Just ask… only takes about an hour of your time, and you can understand the benefits of this upgrade, and how it would affect your environment.
Digital Workspace / VDI Next Gen
VMware View the VDI solution….but that’s only the beginning.
What used to be End User Computing (EUC) is now about Workspace ONE
If you do VDI today, let WEI show you what you can do nowadays with Workspace ONE and Airwatch.
You’lll secure BYOD, enable all your users, and keep your data secured.
VMware AppDefense HOL available
Want to see how VMware AppDefense protects applicaitons?  Try this VMware Hands on Lab.
VMware Workspace ONE HOL available
Want to run through Workspace ONE again (of for the first time)?
This HOLwill take you through it (login with your MyVMware account)
VMware Cloud Foundation
Sick of an upgrade every 2-3 years?
Why not do VCF during your next upgrade project, and see what it can simplify for YOUR organization….
Just ask WEI….
What is VMware WaveFront, and why do I care?
• Analytics depth for smart alerting and anomaly detection
• Flexibility and breadth for self-service metrics
• Performance, reliability, and scale for an enterprise roll-out
You thought VMware vRealize Operations Manager is where it stopped?
Nope….vSphere, AWS, Azure workloads all laid out for you in terms of performance & bottlenecks…..
VMware AppDefense 101: Intrinsic Security for Applications and Data
The commoditization of cybercrime has made it possible for virtually anyone with a computer to launch a sophisticated attack against your company, and new attacks are being developed every day. This is a scary prospect for those charged with securing the applications and data living in increasingly dynamic, distributed IT environments.
WEI has had asks around this recently, and WEI have a way to show you this in 1 hour to understand it.
vSphere 6.7 & 6.5-Update 2
As limited support for 3rd party software (Veeam, NetBackup, Commvault) exists, we are still holding off on these versions.
This has changed as of 2018-07 since Veeam now supports 6.7 (Veeam 9.5 Update 3a)
Found NetBackup 8.x supports vSphere 6.7 as well.
Be careful with your vCenter 6.5 update (patching operation) at this time, as it would upgrade you to 6.5 update 2
Veeam says probably end of month in June.  If for some reason you have vSphere 6.5 Update 2, you may have to wait another month or two before you can upgrade to vSphere 6.7.
ESXi Secure Boot
First off, this requires a physical TPM module in the ESXi server in question.
It highlights some things we believe in, such as, eventually, and ESXi host needs to be rebuilt.
Given that this is an article by Mike Foley, it is accurate.
I’d give it the 5 minute read because of its author, and in case we hear this requirement from our customers.
Windows 2016 & Windows 10 VBS (Virtualization Based Security)
So this is a new feature in the 6.7 release.
I’ve captured the installation & configuration of this feature in the template build doc (Checklists is now shared by me in OneDrive).
I have included this as a separate section, as the pros & cons must still be weighed out on this.
So I have 2 identical Windows 2016 servers running.  One with & one without VBS configured.
Both are 1 x vCPU & 4-GB of RAM.
On the CPU side, I have noticed an increase in CPU utilization for running with VBS configured.
I am just using vCenter CPU Usage in %, and taking the average reported over a 1-hour period (when machines have been idle > 1 hour)
WIthout VBS:  0.738%
With VBS:  6.225%
Not sure what the repercussions would be if there was a heavy workload on it….
User Environment Manager 9.4
A few new features have been added in to UEM 9.4
Argument Based Privilege Elevation (for when you need to run a script as admin for a user)
Smart Policies for Linux VMs
Triggered tasks gets new triggers (such as all AppStacks attached)
And Roaming Windows 10 Start Menus.
Can NSX secure physical servers?
I have had this question twice in the past week.
Apparently, you can, but it requires some planning.
Here is a video that shows how that would be performed.
Horizon View 7.5
This was recently released.  Few new goodies in this…
Https://fqdn-of-view-server/newadmin is the HTML5 management interface.
Not fully featured yet, but it works for basic things.  I figure it is going to be a slow transition to it….
Help Desk Tool is integrated in the HTML5 management interface.
JMP Server…a separate Windows Server instance to enable JMP (Just-in-Time Management Platform).  This provides admins a workflow tool to include Desktop Pools, App Volumes, AppStacks, and UEM policies.  Has a lot of manual certificate replacements that must be done if this is to function, so it definitely feels like it was developed by another team.  I might wait before implementing it right now….
You can publish desktops to VMware on AWS (albeit only Persistent desktops right now), or you can use VMware on AWS to do a View solution itself.
You can use Windows VBS (Virtualization Based Security) on the VMs
VMware Verify
I’ve been seeing this referenced a lot, given it is VMware’s MFA solution.
It has been available in VMware Identity Manager since 2.8.
So far, I only see it being offered as MFA for WorkspaceONE.
I have an inkling that this will make its way into vROPs and Loginsight, as they use the IDM appliance….and perhaps even into vCenter 7.0 (whenever that gets released)….