Archive
Nutanix NX-3000 review: Virtualization cloud-style – #Nutanix, #IaaS
A great review of the Nutanix Virtual Computing Platform! 🙂
What do you get when you combine four independent servers, lots of memory, standard SATA disks and SSD, 10Gb networking, and custom software in a single box? In this instance, the answer would be a Nutanix NX-3000. Pigeonholing the Nutanix product into a traditional category is another riddle altogether. While the company refers to each unit it sells as an “appliance,” it really is a clustered combination of four individual servers and direct-attached storage that brings shared storage right into the box, eliminating the need for a back-end SAN or NAS.
I was recently given the opportunity to go hands on with a Nutanix NX-3000, the four nodes of which were running version 3.5.1 of the Nutanix operating system. It’s important to point out that the Nutanix platform handles clustering and file replication independent of any hosted virtualization system. Thus, a Nutanix cluster will automatically handle node, disk, and network failures while providing I/O at the speed of local disk — and using local SSD to accelerate access to the most frequently used data. Nutanix systems support the VMware vSphere and Microsoft Hyper-V hypervisors, as well as KVM for Linux-based workloads.
[ The Nutanix NX-3000 is an InfoWorld 2014 Technology of the Year Award winner. Read about the other winning products in our slideshow, “InfoWorld’s 2014 Technology of the Year Award winners.” | For quick, smart takes on the news you’ll be talking about, check out InfoWorld TechBrief — subscribe today. ]
Nutanix was founded by experienced data center architects and engineers from the likes of Google, Facebook, and Yahoo. That background brings with it a keen sense of what makes a good distributed system and what software pieces are necessary to build a scalable, high-performance product. A heavy dose of innovation and ingenuity shows up in a sophisticated set of distributed cluster management services, which eliminate any single point of failure, and in features like disk block fingerprinting, which leverages a special Intel instruction set (for computing an SHA-1 hash) to perform data deduplication and to ensure data integrity and redundancy.
A Nutanix cluster starts at one appliance (technically three nodes, allowing for the failure of one node) and scales out to any number of nodes. The NDFS (Nutanix Distributed File System) provides a single store for all of your VMs, handling all disk and I/O load balancing and eliminating the need to use virtualization platform features like VMware’s Storage DRS. Otherwise, you manage your VMs no differently than you would on any other infrastructure, using VMware’s or Microsoft’s native management tools.
Nutanix architecture
The hardware behind the NX-3000 comes from SuperMicro. Apart from the fact that it squeezes four dual-processor server blades inside one 2U box, it isn’t anything special. All of the magic is in the software. Nutanix uses a combination of open source software, such as Apache Cassandra and ZooKeeper, plus a bevy of in-house developed tools. Nutanix built cluster configuration management services on ZooKeeper and heavily modified Cassandra for use as the primary object store for the cluster.
| Test Center Scorecard | |||||||
|---|---|---|---|---|---|---|---|
 |
 |
 |
 |
 |
 |
 |
|
| 20% | 20% | 20% | 20% | 10% | 10% | ||
| Nutanix NX-3000 Series | 10 | 9 | 10 | 9 | 9 | 8 |
9.3 EXCELLENT
|
Continue reading here!
//Richard
Penetration testing tips for your NetScaler – via @neilspellings – #Citrix, #NetScaler
This is a really good blog post by Neil! Keep up the good work! 😉
When working on Netscaler implementation projects, most of which tend to be internet-facing, one aspect that most organisations always perform is a penetration test. Having been through a number of these over the years, I thought it would be a good idea to share my experiences and some of the common aspects that get highlighted, to enable you to “pass first time” without having any remedial actions to work through and costly re-tests to perform.
The Netscaler has a number of IPs (NSIP, SNIP/MIP, Access Gateway VIPs etc) so what should you test against? The answer may well depend on corporate policy, but I usually test the internet-facing Access Gateway VIP and the management interface (NSIP). I also usually include StoreFront in any internal tests as this is an integral component of the overall solution, but I won’t cover StoreFront in this post.
Of course technically “bad guys” can only reach internet-facing IP addresses (as permissioned by your external firewall) but I recommend including internal-facing IPs for any DMZ-hosts to understand your exposure should another DMZ host get compromised (as your attacker can now potentially access internal IPs so the external firewall rules no longer protect you)
- Remove unnecessary management tools (telnet and FTP are considered insecure so should alwaysbe disabled). Also remove SNMP if your Netscalers are not being monitored or managed by an external monitoring service.
- Ensure that “Secure access only” is selected to force SSL access to the GUI
- Ensure that management applications are only available on an internal IP (NSIP or SNIP). Open the IP properties for the IP addresses that won’t be used for management and untick “Enable management access”
- Change the default nsroot password to something long (obvious you’d think but you’d be amazed how many Netscalers I’ve seen that I can just log straight into using the default credentials!)
- If you have set up integrated AD authentication via LDAP for administrative access to the GUI, ensure that you have protected access using a filter group, otherwise anyone with a valid AD account will be able to access your Netscaler GUI (although they won’t be able to make any changes, it’s still not a good idea them having this access!)
- If you are using…
Continue reading here!
//Richard
Login VSI 4.0 – #LoginVSI, #VDI, #Scalability, #BYOD – @LoginVSI
Login VSI 4.0 released!!
Wow, I can’t believe that my week was this busy… tooo bad though I must say thank you so much to the Login VSI team for giving me the privilege to test Login VSI 4.0 Pro prior to the release… but did I have the time? Nooooo…. 😦
But it’s gonna be one of the first things I do when I get some spare time over some night/weekend in the near future!!
Below you find the press release and a bunch of pictures I got as a part of the “blogger preview” kit!
Improved ease of installation
- Minimized test image footprint
- Centralized management and updates
- Direct Desktop Launch Mode, saves on infrastructure
Improved ease of test creation
- New intuitive and workflow oriented UI
- New editor simplifies workload customization
- Benchmarking mode simplifies comparisons
Improved test realism
- More realistic user workload patterns
- More realistic dataset and data/file access
- Real-world test execution with multiple phases
Improved test insight
- New dashboard with real-time test feedback
- Enhanced VSImax accuracy
- Automated reporting of all relevant data
#Citrix Virtual Desktop Handbook 5.x – #XenDesktop, #XenApp
Ok, this is a pretty good handbook I must admit. Have a look at it here!
And if you need help then of course you can always contact EnvokeIT! 😉
And here is a good blog post about this as well by Thomas Berger:
One of the foundational project management principals is that project success occurs when it is delivered on time, within budget and with a level of quality that is satisfactory to the client. Of course these three dimensions are valid for any desktop virtualization project as well.
While a lot of information about budget planning and TCO/ROI for virtual desktop / application delivery projects can be found on the internet (e.g. http://flexcast.citrix.com/analyzeandcompare.html), the amount of information about time planning and success criteria is very low.
Since this lack of publicly available information causes every customer to “reinvent the wheel” and therefore add some delays to their projects, we thought it’s time to provide some guidance around these topics.
The result of our efforts has become part of the newly released Citrix Virtual Desktop Handbook (http://support.citrix.com/article/CTX136546). Version 1 of this white paper focuses on the Assess phase that identifies the information required prior to starting the design phase and outlines the project management tasks I mentioned earlier.
But instead of just discussing the topics from a theoretical point of view, we provide detailed guidance and tools which can be used for your projects right away. For example you will get a sample project plan (Microsoft Project), which outlines and provides duration estimates for every step of a desktop virtualization project (sample below).
Furthermore the white paper discusses a general project methodology, describes how business priorities can be identified and provides detailed information about the roles required during a enterprise grade project (sample below).
This and even more can be found within the new Citrix Virtual Desktop Handbook..
//Richard
VRC white paper about impact of AV on VDI performance – @LoginVSI, @LoginConsultant
New VRC white paper about impact of antivirus on VDI performance
The independent research initiative Project Virtual Reality Check (VRC) released the long awaited ‘Phase V’ white paper which provides new insights in the impact and best practices of various antivirus solutions on VDI performance.
By testing and comparing different solutions and configurations Project VRC discovered the best practice to perform a pre-scan of the master image before deployment.
Another key finding is that antivirus off-loading architectures makes a big difference from a storage IO point of view, but not always from a session density point of view.
This Project VRC white paper with all Login VSI test results and best practices can be downloaded for free here:
Download the Project VRC white paper
Read other white papers based on tests with Login VSI
//Richard
#Microsoft and Others Fail Antivirus Test – #ForeFront, #FEP, #AV
Microsoft is still behind the competition…
How many of you out there are using ForeFront Endpoint Protection (FEP) to secure your clients/servers?
Below is a good article from Neil J. Rubenking about the latest (Nov/DEc 2012) report from AV-Test:
Based in Magdeburg, Germany, independent lab AV-Test evaluates and rates antivirus products on a variety of different criteria. Every couple of months the researchers summarize their testing and report on which products achieved certification. In the latest such report, several vendors failed to make the grade.
One of the many individual tests involved in AV-Test certification measures how well products stand up to zero-day attacks—viruses or other threats so new that no antivirus signature exists. AV-Test CEO Andreas Marx noted that the 25 consumer products in the current test averaged 92 percent detection of zero-day attacks. “This means,” said Marx “that one out of ten malware attacks succeeded.” He also pointed out that while the products averaged 91 percent cleanup of existing infections, many didn’t remove all traces. “Only 60% could be put back in a condition similar to the pre-infection state,” Marx observed.
Certification Failed
Products can earn six points each for repair of existing malware infestations, protection against new attacks, and overall usability. Here usability means the product doesn’t slow system performance and doesn’t falsely report valid programs or activities as malicious. In order to receive certification, a product must earn a total of 11 points.
Just as in the previous test, Microsoft didn’t make the cut, though with ten points it came close. PC Tools also failed with ten points.
The big loser this time around was AhnLab. In the previous test AhnLab squeaked by with 11 points. The latest test saw that score drop to 8.5 points, well below the certification cutof…
Continue reading here!
//Richard
Watch the #Citrix Consulting Best Practice Webcast Series
Citrix Consulting Best Practice Series
In these webinars, members of the Citrix Consulting team have taken an in-depth look at the steps to desktop virtualisation.
Beginning with the basics, looking at setting priorities, and passing on the knowledge needed to fully understand the processes, what is required for roll-out and of course the value of desktop virtualisation.
This series has been extremely popular and now, is available for you to view at your convenience.
Regardless of where you currently stand with your desktop virtualisation, feel free to look at a single phase or check out the whole series.
Content:
- Introduction: Desktop Virtualisation: Your Insight into the world of Desktop Virtualisation
- Phase 1: Establishing business priorities and mapping these to your desktop virtualisation project
- Phase 2: Analysis – understanding your existing IT infrastructure
- Phase 3: Design – key concepts and approaches for designing your desktop virtualisation solution
- Phase 4: Build/Test – validating your design and making improvements
- Phase 5: Rollout – Going Live and operational with your virtual desktops
Continue reading and watch the webcasts here!
//Richard
